Security of Gradient Tracking Algorithms Against Malicious Agents

TL;DR

The paper investigates the robustness of the Wang--Elia gradient-tracking algorithm against a malicious agent in distributed optimization, introducing a central optimization-based security metric $\gamma$ that captures worst-case stealthy impact. It identifies fundamental vulnerabilities through unstable invariant zeros and relative-degree mismatches, proving scenarios where $\gamma$ becomes unbounded and proposing a well-posed variant using modified outputs and an SDP formulation to quantify risk. To enable practical design, the authors develop two strategies: (i) optimal monitor placement and (ii) optimal edge design, both cast as SDPs and demonstrated on representative graphs. The framework is further extended to nonlinear, polynomial-cost settings via Sum-of-Squares relaxations, enabling robustness assessments and design guidance for a broad class of distributed systems with gradient-tracking dynamics.

Abstract

Consensus algorithms are fundamental to multi-agent distributed optimization, and their security under adversarial conditions is an active area of research. While prior works primarily establish conditions for successful global consensus under attack, little is known about system behavior when these conditions are violated. This paper addresses this gap by investigating the robustness of the Wang--Elia algorithm, which is a robust to noise version of gradient tracking algorithm, in the presence of malicious agents. We consider a network of agents collaboratively minimizing a global cost function, where a subset of agents may transmit faulty information to disrupt consensus. To quantify resilience, we formulate a security metric as an optimization problem, which is rooted in centralized attack detection literature. We provide a tractable reformulation of the optimization problem, and derive conditions under which the metric becomes unbounded, identifying undetectable attack signals that reveal inherent vulnerabilities. To facilitate design and analysis, we propose a well-posed variant of the metric and propose design methods to enhance network robustness against stealthy adversarial attacks. Numerical examples demonstrate the effectiveness of the proposed framework to enhance the resilience of multi-agent distributed optimization.

Figures (3)

• Figure 1: Performance of the Wang--Elia algorithm under nominal conditions and under zero dynamics attack (ZDA).
• Figure 2: Graph structure considered in Example \ref{['exmp:design1']}. Edges are represented by solid black lines, and the red nodes indicate nodes possibly under attack. The value of $\sum_{v_a \in \mathcal{A}} \tilde{\gamma}(v_m, v_a,K)$ corresponding to each candidate monitoring node $v_m$ is shown next to the node.
• Figure 3: Box plot of $\log\left(\phi_i + \sum_{v_a \in \mathcal{A}} \tilde{\gamma}\left(v_3,v_1,K(e_{f,i})\right)\right)$ for a ring graph when the edges denoted in the x-axis are added. On each box, the central mark indicates the median, and the bottom and top edges of the box indicate the $25^{th}$ and $75^{th}$ percentiles, respectively. The whiskers extend to the most extreme data points.

Theorems & Definitions (3)

• definition 1: Stealthy attack
• definition 2: Unstable Invariant Zero
• definition 3: Relative degree