Unifying Threats Against Information Integrity In Participatory Crowd Sensing

This article proposes a unified threat landscape for participatory crowd sensing (P-CS) systems. Specifically, it focuses on attacks from organized malicious actors that may use the knowledge of P-CS platform\u27s operations and exploit algorithmic weaknesses in AI-based methods of event trust, user reputation, decision-making, or recommendation models deployed to preserve information integrity in P-CS. We emphasize on intent driven malicious behaviors by advanced adversaries and how attacks are crafted to achieve those attack impacts. Three directions of the threat model are introduced, such as attack goals, types, and strategies. We expand on how various strategies are linked with different attack types and goals, underscoring formal definition, their relevance, and impact on the P-CS platform

Detection Of False Data Injection In Smart Water Metering Infrastructure

Smart water metering (SWM) infrastructure collects real-Time water usage data that is useful for automated billing, leak detection, and forecasting of peak periods. Cyber/physical attacks can lead to data falsification on water usage data. This paper proposes a learning approach that converts smart water meter data into a Pythagorean mean-based invariant that is highly stable under normal conditions but deviates under attacks. We show how adversaries can launch deductive or camouflage attacks in the SWM infrastructure to gain benefits and impact the water distribution utility. Then, we apply a two-Tier approach of stateless and stateful detection, reducing false alarms without significantly sacrificing the attack detection rate. We validate our approach using real-world water usage data of 92 households in Alicante, Spain for varying attack scales and strengths and prove that our method limits the impact of undetected attacks and expected time between consecutive false alarms. Our results show that even for low-strength, low-scale deductive attacks, the model limits the impact of an undetected attack to only C0.2199375 and for high-strength, low-scale camouflage attack, the impact of an undetected attack was limited to C1.43437

Look-Up Table based FHE System for Privacy Preserving Anomaly Detection in Smart Grids

In advanced metering infrastructure (AMI), the customers\u27 power consumption data is considered private but needs to be revealed to data-driven attack detection frameworks. In this paper, we present a system for privacy-preserving anomaly-based data falsification attack detection over fully homomorphic encrypted (FHE) data, which enables computations required for the attack detection over encrypted individual customer smart meter\u27s data. Specifically, we propose a homomorphic look-up table (LUT) based FHE approach that supports privacy preserving anomaly detection between the utility, customer, and multiple partied providing security services. In the LUTs, the data pairs of input and output values for each function required by the anomaly detection framework are stored to enable arbitrary arithmetic calculations over FHE. Furthermore, we adopt a private information retrieval (PIR) approach with FHE to enable approximate search with LUTs, which reduces the execution time of the attack detection service while protecting private information. Besides, we show that by adjusting the significant digits of inputs and outputs in our LUT, we can control the detection accuracy and execution time of the attack detection, even while using FHE. Our experiments confirmed that our proposed method is able to detect the injection of false power consumption in the range of 11-17 secs of execution time, depending on detection accuracy

Active Learning Augmented Folded Gaussian Model for Anomaly Detection in Smart Transportation

Smart transportation networks have become instrumental in smart city applications with the potential to enhance road safety, improve the traffic management system and driving experience. A Traffic Message Channel (TMC) is an IoT device that records the data collected from the vehicles and forwards it to the Roadside Units (RSUs). This data is further processed and shared with the vehicles to inquire the fastest route and incidents that can cause significant delays. The failure of the TMC sensors can have adverse effects on the transportation network. In this paper, we propose a Gaussian distribution-based trust scoring model to identify anomalous TMC devices. Then we propose a semi-supervised active learning approach that reduces the manual labeling cost to determine the threshold to classify the honest and malicious devices. Extensive simulation results using real-world vehicular data from Nashville are provided to verify the accuracy of the proposed method

Privacy-Preserving Data Falsification Detection in Smart Grids using Elliptic Curve Cryptography and Homomorphic Encryption

In an advanced metering infrastructure (AMI), the electric utility collects power consumption data from smart meters to improve energy optimization and provides detailed information on power consumption to electric utility customers. However, AMI is vulnerable to data falsification attacks, which organized adversaries can launch. Such attacks can be detected by analyzing customers\u27 fine-grained power consumption data; however, analyzing customers\u27 private data violates the customers\u27 privacy. Although homomorphic encryption-based schemes have been proposed to tackle the problem, the disadvantage is a long execution time. This paper proposes a new privacy-preserving data falsification detection scheme to shorten the execution time. We adopt elliptic curve cryptography (ECC) based on homomorphic encryption (HE) without revealing customer power consumption data. HE is a form of encryption that permits users to perform computations on the encrypted data without decryption. Through ECC, we can achieve light computation. Our experimental evaluation showed that our proposed scheme successfully achieved 18 times faster than the CKKS scheme, a common HE scheme

Anomaly based Incident Detection in Large Scale Smart Transportation Systems

Modern smart cities are focusing on smart transportation solutions to detect and mitigate the effects of various traffic incidents in the city. To materialize this, roadside units and ambient trans-portation sensors are being deployed to collect vehicular data that provides real-time traffic monitoring. In this paper, we first propose a real-time data-driven anomaly-based traffic incident detection framework for a city-scale smart transportation system. Specifically, we propose an incremental region growing approximation algorithm for optimal Spatio-temporal clustering of road segments and their data; such that road segments are strategically divided into highly correlated clusters. The highly correlated clusters enable identifying a Pythagorean Mean-based invariant as an anomaly detection metric that is highly stable under no incidents but shows a deviation in the presence of incidents. We learn the bounds of the invariants in a robust manner such that anomaly detection can generalize to unseen events, even when learning from real noisy data. We perform extensive experimental validation using mobility data collected from the City of Nashville, Tennessee, and prove that the method can detect incidents within each cluster in real-time

Quantifying Trust and Reputation for Defense against Adversaries in Multi-Channel Dynamic Spectrum Access Networks

Dynamic spectrum access enabled by cognitive radio networks are envisioned to drive the next generation wireless networks that can increase spectrum utility by opportunistically accessing unused spectrum. Due to the policy constraint that there could be no interference to the primary (licensed) users, secondary cognitive radios have to continuously sense for primary transmissions. Typically, sensing reports from multiple cognitive radios are fused as stand-alone observations are prone to errors due to wireless channel characteristics. Such dependence on cooperative spectrum sensing is vulnerable to attacks such as Secondary Spectrum Data Falsification (SSDF) attacks when multiple malicious or selfish radios falsify the spectrum reports. Hence, there is a need to quantify the trustworthiness of radios that share spectrum sensing reports and devise malicious node identification and robust fusion schemes that would lead to correct inference about spectrum usage. In this work, we propose an anomaly monitoring technique that can effectively capture anomalies in the spectrum sensing reports shared by individual cognitive radios during cooperative spectrum sensing in a multi-channel distributed network. Such anomalies are used as evidence to compute the trustworthiness of a radio by its neighbours. The proposed anomaly monitoring technique works for any density of malicious nodes and for any physical environment. We propose an optimistic trust heuristic for a system with a normal risk attitude and show that it can be approximated as a beta distribution. For a more conservative system, we propose a multinomial Dirichlet distribution based conservative trust framework, where Josang*s Belief model is used to resolve any uncertainty in information that might arise during anomaly monitoring. Using a machine learning approach, we identify malicious nodes with a high degree of certainty regardless of their aggressiveness and variations introduced by the pathloss environment. We also propose extensions to the anomaly monitoring technique that facilitate learning about strategies employed by malicious nodes and also utilize the misleading information they provide. We also devise strategies to defend against a collaborative SSDF attack that is launched by a coalition of selfish nodes. Since, defense against such collaborative attacks is difficult with popularly used voting based inference models or node centric isolation techniques, we propose a channel centric Bayesian inference approach that indicates how much the collective decision on a channels occupancy inference can be trusted. Based on the measured observations over time, we estimate the parameters of the hypothesis of anomalous and non-anomalous events using a multinomial Bayesian based inference. We quantitatively define the trustworthiness of a channel inference as the difference between the posterior beliefs associated with anomalous and non-anomalous events. The posterior beliefs are updated based on a weighted average of the prior information on the belief itself and the recently observed data. Subsequently, we propose robust fusion models which utilize the trusts of the nodes to improve the accuracy of the cooperative spectrum sensing decisions. In particular, we propose three fusion models: (i) optimistic trust based fusion, (ii) conservative trust based fusion, and (iii) inversion based fusion. The former two approaches exclude untrustworthy sensing reports for fusion, while the last approach utilizes misleading information. All schemes are analyzed under various attack strategies. We propose an asymmetric weighted moving average based trust management scheme that quickly identifies on-off SSDF attacks and prevents quick trust redemption when such nodes revert back to temporal honest behavior. We also provide insights on what attack strategies are more effective from the adversaries* perspective. Through extensive simulation experiments we show that the trust models are effective in identifying malicious nodes with a high degree of certainty under variety of network and radio conditions. We show high true negative detection rates even when multiple malicious nodes launch collaborative attacks which is an improvement over existing voting based exclusion and entropy divergence techniques. We also show that we are able to improve the accuracy of fusion decisions compared to other popular fusion techniques. Trust based fusion schemes show worst case decision error rates of 5% while inversion based fusion show 4% as opposed majority voting schemes that have 18% error rate. We also show that the proposed channel centric Bayesian inference based trust model is able to distinguish between attacked and non-attacked channels for both static and dynamic collaborative attacks. We are also able to show that attacked channels have significantly lower trust values than channels that are not– a metric that can be used by nodes to rank the quality of inference on channels

Information Integrity In Participatory Crowd-Sensing Via Robust Trust Models

In this chapter, we propose a recipe for event truthfulness scoring and user reputation scoring framework that is immune to the cold start problem in participatory mobile crowd-sensing applications, while being robust to attacks that target operational and AI-based weaknesses in mobile crowd-sensing and existing trust models. Our method does not need to depend on the knowledge of ground truth nor the existence of a prior user reputation, both of which are impractical assumptions during the cold start phase. Specifically, we first show subtle variations of dishonest intent in terms of fake event reporting attacks as an operational vulnerability. Additionally, we show threats that weaponize design provisions that help assess event truthfulness, in the form of feedback weaponizing attacks as an AI-based vulnerability. Furthermore, we show how existing methods of trust and reputation should be modified to jointly mitigate the effects of both fake event reporting and feedback weaponizing attacks, during the cold start, by using a vehicular crowd-sensing application as a proof-of-concept. Our design modifications are inspired by cognitive psychology, behavioral economics, and symbolic AI, and how they can be seamlessly embedded into known approaches for trust and reputation scoring