Quickest Bayesian and non-Bayesian detection of false data injection attack in remote state estimation

In this paper, quickest detection of false data injection attack on remote state estimation is considered. A set of $N$ sensors make noisy linear observations of a discrete-time linear process with Gaussian noise, and report the observations to a remote estimator. The challenge is the presence of a few potentially malicious sensors which can start strategically manipulating their observations at a random time in order to skew the estimates. The quickest attack detection problem for a known {\em linear} attack scheme in the Bayesian setting with a Geometric prior on the attack initiation instant is posed as a constrained Markov decision process (MDP), in order to minimize the expected detection delay subject to a false alarm constraint, with the state involving the probability belief at the estimator that the system is under attack. State transition probabilities are derived in terms of system parameters, and the structure of the optimal policy is derived analytically. It turns out that the optimal policy amounts to checking whether the probability belief exceeds a threshold. Next, generalized CUSUM based attack detection algorithm is proposed for the non-Bayesian setting where the attacker chooses the attack initiation instant in a particularly adversarial manner. It turns out that computing the statistic for the generalised CUSUM test in this setting relies on the same techniques developed to compute the state transition probabilities of the MDP. Numerical results demonstrate significant performance gain under the proposed algorithms against competing algorithms.