Scalable and Optimal Security Allocation in Networks against Stealthy Injection Attacks

TL;DR

This work tackles security allocation in networked control systems facing stealthy data-injection attacks on a strongly connected digraph. It introduces an Attack-Energy-Constrained Output-to-Output gain metric and proves its well-posedness, formulating the defender’s monitoring problem as a (mixed-integer) SDP that optimally selects sensor-equipped monitor nodes under a budget. By analyzing worst-case disruption and leveraging a scalable design with diagonal Lyapunov variables, the authors derive a scalable algorithm that preserves optimality under a key condition and enables efficient defense for large networks. Numerical experiments validate the SDP-based optimal monitor placement against exhaustive search and demonstrate substantial computational savings with the diagonal-P_A approach. Overall, the framework provides a tractable, scalable path to robust security allocation in cyber-physical networks subject to stealthy injections.

Abstract

This paper addresses the security allocation problem in a networked control system under stealthy injection attacks. The networked system is comprised of interconnected subsystems which are represented by nodes in a digraph. An adversary compromises the system by injecting false data into several nodes with the aim of maximally disrupting the performance of the network while remaining stealthy to a defender. To minimize the impact of such stealthy attacks, the defender, with limited knowledge about attack policies and attack resources, allocates several sensors on nodes to impose the stealthiness constraint governing the attack policy. We provide an optimal security allocation algorithm to minimize the expected attack impact on the entire network. Furthermore, under a suitable local control design, the proposed security allocation algorithm can be executed in a scalable way. Finally, the obtained results are validated through several numerical examples.

Figures (2)

• Figure 1: The red stars are the optimal values found by Theorem \ref{['th:general_sol']} while black dots are found by an exhaustive-search method. The figure shows that the optimal defense costs found by Theorem \ref{['th:general_sol']} are extremely close to the minimum defense costs found by the exhaustive-search method. In more detail, the relative deviation between them lies in the range $[-3.13, \, 1.32]\times 10^{-4}\%$.
• Figure 2: Comparison in finding the worst-case disruption \ref{['Q_min_sdp']} (a) and in finding the optimal defense cost \ref{['R_sdp']} (b) by the two scenarios where the first scenario solves \ref{['Q_min_sdp']} and \ref{['R_sdp']} with symmetric $P_{\mathcal{A}}$ while the second scenario solves the same optimization problems with diagonal $P_{\mathcal{A}}$. The notations $\{ V_1({\mathcal{M}},{\mathcal{A}}), T_1, R^\star_{1} \}$ represent the result obtained from the first scenario while $\{ V_2({\mathcal{M}},{\mathcal{A}}), T_2, R^\star_{2} \}$ represent the result obtained from the second scenario. The figures show that the optimal values obtained from the two scenarios are almost identical while the computation time consumed by the second scenario is extremely lower than that of the first scenario.

Theorems & Definitions (25)

• Lemma 1: Limited end-point attacks
• proof
• Definition 1: Stealthy injection attacks
• Remark 1
• Remark 2: Game theory perspective
• Lemma 2: Bounded disruption
• Lemma 3: Worst-case disruption computation
• proof
• Lemma 4
• proof