Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

OT-DETECT: Optimal transport-driven attack detection in cyber-physical systems

Souvik Das, Siddhartha Ganguly

Abstract

This article presents an optimal-transport (OT)-driven, distributionally robust attack detection algorithm, OT-DETECT, for cyber-physical systems (CPS) modeled as partially observed linear stochastic systems. The underlying detection problem is formulated as a minmax optimization problem using 1-Wasserstein ambiguity sets constructed from observer residuals under both the nominal (attack-free) and attacked regimes. We show that the minmax detection problem can be reduced to a finite-dimensional linear program for computing the worst-case distribution (WCD). Off-support residuals are handled via a kernel-smoothed score function that drives a CUSUM procedure for sequential detection. We also establish a non-asymptotic tail bound on the false-positive error of the CUSUM statistic under the nominal (attack-free) condition, under mild assumptions. Numerical illustrations are provided to evaluate the robustness properties of OT-DETECT.

OT-DETECT: Optimal transport-driven attack detection in cyber-physical systems

Abstract

This article presents an optimal-transport (OT)-driven, distributionally robust attack detection algorithm, OT-DETECT, for cyber-physical systems (CPS) modeled as partially observed linear stochastic systems. The underlying detection problem is formulated as a minmax optimization problem using 1-Wasserstein ambiguity sets constructed from observer residuals under both the nominal (attack-free) and attacked regimes. We show that the minmax detection problem can be reduced to a finite-dimensional linear program for computing the worst-case distribution (WCD). Off-support residuals are handled via a kernel-smoothed score function that drives a CUSUM procedure for sequential detection. We also establish a non-asymptotic tail bound on the false-positive error of the CUSUM statistic under the nominal (attack-free) condition, under mild assumptions. Numerical illustrations are provided to evaluate the robustness properties of OT-DETECT.
Paper Structure (8 sections, 3 theorems, 39 equations, 2 figures, 1 table)

This paper contains 8 sections, 3 theorems, 39 equations, 2 figures, 1 table.

Table of Contents

  1. Introduction, motivation, and background
  2. Preliminaries and problem description
  3. Stochastic linear systems
  4. The optimal detector
  5. LP formulation
  6. Kernel smoothing
  7. Theoretical guarantees
  8. Numerical validation and discussion

Key Result

Lemma 1

For any fixed $(P_1,P_2) \in \mathcal{P}_1 \times \mathcal{P}_2$, consider the inner minimization problem corresponding to the minmax problem eq:RobTest. Then the Neyman-Pearson-like randomized rule is optimal for the eq:RobTest:InnerProb with the risk $\mathrm{R}(P_1, P_2) = 1 - \mathsf{TV}(P_1,P_2)$. $\vardiamond$

Figures (2)

  • Figure 1: Comparing our detector with ref:AN-AT-AA-SD-2023, when $\widehat{v}_t \overset{\text{i.i.d.}}{\sim}\mathcal{N}(0, \sigma_{\mathrm{a}} \mathbb{I}_{d_y})$ for $\sigma_{\mathrm{a}} = 1.5$ (left) and $\sigma_{\mathrm{a}} = 2.5$ (right).
  • Figure 2: Comparing our detector with ref:AN-AT-AA-SD-2023, when $\widehat{v}_t \overset{\text{i.i.d.}}{\sim}\mathcal{N}(0, \sigma_{\mathrm{a}} \mathbb{I}_{d_y}) + \text{Exp}(\lambda)$ for $\lambda = 0.5$ (left) and $\lambda = 1.5$ (right).

Theorems & Definitions (7)

  • Lemma 1
  • Theorem 1
  • proof
  • Remark 1: Features of the Gaussian kernel smoothing
  • Theorem 2
  • Remark 2
  • proof : Proof of Theorem \ref{['thrm:cusum:azuma-type:bounds:new']}