Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Bayesian Methods for Trust in Collaborative Multi-Agent Autonomy

R. Spencer Hallyburton, Miroslav Pajic

TL;DR

This work analyzes the security of centralized multi-target tracking (MTT) in networks of autonomous agents under adversarial influence and demonstrates that the conventional track-score mechanism can be manipulated to confirm false targets. It introduces a Bayesian trust-estimation framework that uses trust pseudomeasurements (PSMs) and a Beta-Bernoulli model to infer trust over tracks and agents, running alongside MTT via a Gibbs-like alternating scheme. The key contributions include bounds on track-score updates under attack, a formal threat model, and a practical trust-estimation pipeline with closed-form Bayesian updates, plus case studies showing faster and more reliable identification of trusted tracks and distrusted agents when priors are available. The approach offers a principled, scalable augmentation to secure sensor fusion, enabling robust operation in contested environments where some agents may be compromised. Overall, trust estimation complements traditional fusion by providing probabilistic assessments of source reliability, improving resilience to Byzantine-like adversaries in multi-agent autonomy.

Abstract

Multi-agent, collaborative sensor fusion is a vital component of a multi-national intelligence toolkit. In safety-critical and/or contested environments, adversaries may infiltrate and compromise a number of agents. We analyze state of the art multi-target tracking algorithms under this compromised agent threat model. We prove that the track existence probability test ("track score") is significantly vulnerable to even small numbers of adversaries. To add security awareness, we design a trust estimation framework using hierarchical Bayesian updating. Our framework builds beliefs of trust on tracks and agents by mapping sensor measurements to trust pseudomeasurements (PSMs) and incorporating prior trust beliefs in a Bayesian context. In case studies, our trust estimation algorithm accurately estimates the trustworthiness of tracks/agents, subject to observability limitations.

Bayesian Methods for Trust in Collaborative Multi-Agent Autonomy

TL;DR

This work analyzes the security of centralized multi-target tracking (MTT) in networks of autonomous agents under adversarial influence and demonstrates that the conventional track-score mechanism can be manipulated to confirm false targets. It introduces a Bayesian trust-estimation framework that uses trust pseudomeasurements (PSMs) and a Beta-Bernoulli model to infer trust over tracks and agents, running alongside MTT via a Gibbs-like alternating scheme. The key contributions include bounds on track-score updates under attack, a formal threat model, and a practical trust-estimation pipeline with closed-form Bayesian updates, plus case studies showing faster and more reliable identification of trusted tracks and distrusted agents when priors are available. The approach offers a principled, scalable augmentation to secure sensor fusion, enabling robust operation in contested environments where some agents may be compromised. Overall, trust estimation complements traditional fusion by providing probabilistic assessments of source reliability, improving resilience to Byzantine-like adversaries in multi-agent autonomy.

Abstract

Multi-agent, collaborative sensor fusion is a vital component of a multi-national intelligence toolkit. In safety-critical and/or contested environments, adversaries may infiltrate and compromise a number of agents. We analyze state of the art multi-target tracking algorithms under this compromised agent threat model. We prove that the track existence probability test ("track score") is significantly vulnerable to even small numbers of adversaries. To add security awareness, we design a trust estimation framework using hierarchical Bayesian updating. Our framework builds beliefs of trust on tracks and agents by mapping sensor measurements to trust pseudomeasurements (PSMs) and incorporating prior trust beliefs in a Bayesian context. In case studies, our trust estimation algorithm accurately estimates the trustworthiness of tracks/agents, subject to observability limitations.
Paper Structure (25 sections, 4 theorems, 22 equations, 6 figures, 2 algorithms)

This paper contains 25 sections, 4 theorems, 22 equations, 6 figures, 2 algorithms.

Table of Contents

  1. Introduction
  2. Multiple Target Tracking (MTT)
  3. MTT as a Two-Step Problem
  4. Track Existence Determination via Likelihood Scoring
  5. Security Analysis of Track Scoring
  6. Threat Model
  7. Analysis of Track Score Updates
  8. Bounding Track Score Gain
  9. Bounding Change in Track Score
  10. Natural False Positive Gate Probability is Small
  11. Track Score Under Threat Model
  12. Estimation of Track and Agent Trust in MTT
  13. MTT With Trust Estimation Posterior
  14. Trust Pseudomeasurements (PSMs)
  15. Trust Estimation
  16. ...and 10 more sections

Key Result

Proposition 1

The contribution of any detection to the track score is bounded (from above) by:

Figures (6)

  • Figure 1: Trust estimation (green) is complementary to existing sensor fusion architectures (purple) for performing inference on data from multiple platforms (blue).
  • Figure 2: Consider that a malicious agent (left, red) provides an FP (O1) that is not detected by the benign agents (black). Under what conditions can MTT identify that O1 is an FP? That the red agent is malicious? "Track scoring" is a natural tool for existence determination, however, we show it is vulnerable to many adversarial cases. Instead, we propose to augment MTT by estimating the "trust" of tracks and agents.
  • Figure 3: Track scoring represents the probability that an object exists. Increments are calculated using gains from detections and losses from misses. With many detections, the true-object hypothesis score for O2 will increase. With a mix of detections and misses, the outcome for O1 is not obvious. We prove the conditions under which O2 is confirmed despite few detections and consistent misses in Theorem \ref{['thm:k-frames-to-confirm']}.
  • Figure 4: Following Theorem \ref{['thm:k-frames-to-confirm']}, even with only few agents viewing an object, adversaries can quickly confirm fake tracks. More benign agents viewing a track forces adversaries to use more time to establish a confirmed track. E.g., evaluating $f(K_a=1,K_b=1)\approx3$, $f(K_a=1,K_b=3)\approx6$.
  • Figure 5: Three agents with partially overlapping FOVs share detections with MTT to establish tracks. (Case 1) Agents 0 and 2 providing FP detections to try to establish malicious tracks, Tracks 2, 5. (Case 2) Agent 2 providing two FP detections for two malicious tracks, Tracks 4, 5. If any track is in only a single agent's FOV (e.g., Case 1, Track 1), not enough information is available to estimate track trust. With multiple overlapping observations (e.g., Case 2, Track 1), information from each agent will be used in concert with FOV models to form trust PSMs on tracks and agents.
  • ...and 1 more figures

Theorems & Definitions (8)

  • Proposition 1
  • proof
  • Proposition 2
  • proof
  • Proposition 3
  • proof
  • Theorem 1
  • proof