Strategies to Inject Spoofed Measurement Data to Mislead Kalman Filter

TL;DR

This paper explores how an attacker can inject minimal spoofed measurement data to deceive a Kalman filter, providing strategies that evade detection and effectively mislead the filter's estimates.

Contribution

It introduces novel attack strategies from the attacker's perspective, including methods to minimize spoofing signals and evade detection while misleading the Kalman filter.

Findings

Spoofing signals can effectively mislead Kalman filters.

Strategies exist to inject minimal signals that avoid detection.

Proven methods successfully deceive filters without triggering alarms.

Abstract

We study the problem of designing false measurement data that is injected to corrupt and mislead the output of a Kalman filter. Unlike existing works that focus on detection and filtering algorithms for the observer, we study the problem from the attacker's point-of-view. In our model, the attacker can corrupt the measurements by injecting additive spoofing signals. The attacker seeks to create a separation between the estimate of the Kalman filter with and without spoofed signals. We present a number of results on how to inject spoofing signals while minimizing the magnitude of the injected signals. The resulting strategies are evaluated through simulations along with theoretical proofs. We also evaluate the spoofing strategy in the presence of a $\chi^2$ spoof detector. Building on our main result, we present a strategy that is proven to successfully mislead a Kalman filter while ensuring it is not detected.