Data-Injection Attacks

TL;DR

This paper reviews data-injection attacks on state estimation systems, analyzing the fundamental limits, detection trade-offs, and the impact of imperfect statistical knowledge on attack effectiveness.

Contribution

It introduces a Bayesian framework for attack detection, characterizes the impact-detection trade-off, and explores effects of limited statistical information on attack success.

Findings

Analytical characterization of attack impact versus detection probability.

Fundamental limits of detection using information-theoretic measures.

Impact of limited training data on attack performance.

Abstract

In this chapter we review some of the basic attack constructions that exploit a stochastic description of the state variables. We pose the state estimation problem in a Bayesian setting and cast the bad data detection procedure as a Bayesian hypothesis testing problem. This revised detection framework provides the benchmark for the attack detection problem that limits the achievable attack disruption. Indeed, the trade-off between the impact of the attack, in terms of disruption to the state estimator, and the probability of attack detection is analytically characterized within this Bayesian attack setting. We then generalize the attack construction by considering information-theoretic measures that place fundamental limits to a broad class of detection, estimation, and learning techniques. Because the attack constructions proposed in this chapter rely on the attacker having access to the statistical structure of the random process describing the state variables, we conclude by studying the impact of imperfect statistics on the attack performance. Specifically, we study the attack performance as a function of the size of the training data set that is available to the attacker to estimate the second-order statistics of the state variables.