Sage Journals: Discover world-class research

Abstract

Distributed detection in wireless sensor networks (WSNs) under Byzantine attacks is studied in this paper. A new kind of Byzantine attacks, neighborhood malicious Byzantine attacks (NMBA), is proposed. In this type of Byzantine attacks, part of sensors is conquered and reprogrammed by an intelligent adversary. These sensors then are conducted to send false information to the fusion center (FC) in order to confuse it. We see that the attacking performance of NMBA is very close to that of collaborative malicious Byzantine attacks (CMBA) and outperforms independent malicious Byzantine attacks (IMBA). Decision fusion becomes impossible when attacking power which is the fraction of compromised sensors in WSNs exceeds a specific value. A closed-form expression for the value is derived. For mitigating attacking effect brought by NMBA, a strategy for estimating the attacking power is proposed. Furthermore, a scheme to identify Byzantine attackers is presented. Two kinds of discrepancy distance are constructed in this paper to help in identifying Byzantine attackers. We prove that most of Byzantine attackers are identified and performance of the identifying scheme is proved to be excellent. A data fusion scheme based on both dynamic threshold and the identifying scheme is analyzed in this paper. Numerical results are also provided to support the schemes and approaches.

1. Introduction

Wireless sensor networks (WSNs) consist of a large number of tiny power-limited sensors that are densely and spatially deployed to monitor physical phenomena. When detecting a target in the region of interest (ROI), all the sensors in network report their findings to the fusion center (FC) where a global-final decision is made. For the advantage of easy deployment and fast self-organization, WSNs have been widely used [1]. Due to the increasing importance of being used in both military and civilian applications, it is imperative to incorporate secure localization and detection into WSNs. However, limited by both the processing capability and power supply of sensor nodes, secure detection in WSNs has been a challenging task. WSNs are also vulnerable to tampering. A serious threat to WSNs is Byzantine attacks where some authenticated sensor nodes have been fully controlled by an intelligent adversary. These compromised sensors are dispatched to disrupt or confuse the FC. While Byzantine attacks may, in general, refer to many types of Byzantine behaviors [2, 3], our focus in this paper is on Byzantine attacks in terms of data-falsification. In this type of attack, compromised nodes are reprogrammed and then forced to send falsified data to the FC in order to undermine the inference performance of network. The main goal of Byzantine attackers is to havoc performance of the FC as much as possible so that decider at the FC is unable to utilize sensors' information to determine the presence of target correctly.

An important task that WSNs need to perform is target detection, which is imperative for an accurate tracking of target. In the context of Byzantine attackers attempting to disrupt the network, a reliable algorithm of detection needs to be introduced. In [4, 5], several algorithms have been developed for secure detection and localization in WSNs. The techniques based on direction of arrival (DOA) and time of arrival (TOA) (or time-difference-of-arrival (TDOA)) have been investigated in [4] and [5], respectively. However, the TDOA is not suitable for detecting target because sensor nodes are narrow band and lack accurate synchronization. Several researchers have focused on developing techniques that do not suffer from imperfect time synchronization. For example, scheme of measuring intensity of signal energy is used to detect target. Therefore, convenience of the energy-based method gives feasibility to detect and localize a target through detecting energy. In [6, 7], each cognitive radio adopts an effective detection scheme based harvesting energy to make its decision and determine whether there is a licensed user requesting to occupy the spectrum band. Each cognitive radio sensor detects intensity of signal and measures the energy received. If the measured energy is greater than a properly predefined threshold, the current spectrum is busy. Otherwise, the current spectrum is idle. We adopt this scheme in this paper to detect whether there is a target in the ROI.

Marano et al. have investigated distributed detection in the presence of Byzantine attacks in [8, 9], where Byzantine attackers are assumed to have a complete knowledge about the true hypotheses. In their system model, the authors assumed that the FC did not know which sensor node was Byzantine attacker. Though the FC did not know which sensor node was Byzantine attacker, it knew average percentage of compromised sensor nodes or upper bound of the average. Vempaty et al. have also analyzed the problem of distributed detection under Byzantine attacks in [10]. However, they did not assume that the Byzantine sensors had a complete knowledge about true hypotheses. Instead, they assumed that the Byzantine sensors made decisions about the presence of target through their own observations. In other words, each Byzantine sensor potentially flips the local decision made at the node. The performance of network has also been analyzed in the context of presence of independent and collaborative Byzantine attacks, respectively, in [10]. In addition to the analysis of distributed detection in the presence of Byzantine attacks, an adaptive learning scheme that mitigated the effect brought by Byzantine attackers has been proposed by Vempaty et al. in [10]. The scheme identifies Byzantine sensors through observing the ratio value of deviations between the estimated behavior of ith sensor and the expected behavior of an Honest sensor to the estimated behavior of ith sensor and the expected behavior of a Byzantine sensor. If the value is greater than 1, the FC declares the sensor to be Byzantine. Otherwise, the FC tags the sensor as Honest. In order to maximize the performance of decision fusion, the FC then removes those decisions that are from sensors tagged as Byzantine when the FC makes a global decision at the next time.

In literature [10, 11], analysis of performance of the network under independent and collaborative malicious Byzantine attacks has been performed, respectively. When a target enters into the monitoring region, the ith compromised sensor node has a detection and makes a local/original decision. In the case of independent malicious Byzantine attacks (IMBA), the local decision of ith compromised sensor completely depends on its own observation. In the case of collaborative Byzantine attacks (CMBA), the local decision of ith compromised sensor depends on not only its own observation but also decisions from the remaining compromised sensors. In the scenario of IMBA, though Byzantine sensor can make multiple observations in a proper time window and average these observations in order to reduce the effect of additive noise, it is not effective significantly when Byzantine sensor nodes stay far away from a target in the ROI. In addition, a sensor that adopts IMBA has no way to conquer a certain degree of blind flipping of its own decision. In the situation of CMBA, each Byzantine sensor communicates with the left compromised sensors and refers to their decisions before determining its own local decision. Although CMBA produces remarkable improvement in attacking effect, much energy has been consumed in communication among Byzantine sensors, especially when Byzantine sensor nodes are deployed sparsely. In addition to analysis of performance of distributed detection in the presence of Byzantine attacks, the blinding attacking power α has been obtained. The blinding attacking power ( $α_{blind}$ ) is equal to 0.5 and 0.35 in the case of IMBA and CMBA, respectively [11]. Motivated by this, we propose a new Byzantine attacks model named after neighborhood malicious Byzantine attacks (NMBA). NMBA is such a kind of attacks model where each compromised sensor node in the network determines whether there is a target or not in the ROI depending on not only its own local decision but also a certain amount of decisions coming from Honest sensors which are nearest around the compromised sensor. Then each Byzantine sensor node employs a majority strategy among decisions to make a final local decision. At last the Byzantine sensor node flips the final local decision confidently and sends false decision to the FC.

Attacking power α which is also termed indicator of the vulnerability of the sensor networks is a crucial performance metric [12, 13]. We assume that there are a large number of sensor nodes deployed in the ROI. According to the law of large numbers, α is equal to the ratio of number of compromised sensors to the total number of sensors in the network ( $α \in [0,1]$ ). In practice, although the FC knows the presence of Byzantine sensors in the network, decider at the FC can hardly determine the exact attacking power [14]. If the decider knows the attacking power, it is convenient for the FC to adopt a robust strategy to mitigate the negative effect caused by Byzantine attackers [15, 16]. In this paper, we propose a simple and effective scheme to determine the attacking power in the perspective of decider at the FC. After the attacking power is estimated, two kinds of discrepancy distance which are used to help in identifying Byzantine sensors are constructed in this paper.

An effective scheme of decision fusion plays an important role in the FC [17–19]. Many literatures focused on the mitigation of Byzantine attacks and developed algorithms to design a static and identical threshold for decision making at the FC [11, 14]. Several authors have proposed online learning of normal trajectory patterns for detection in trajectory in [20]. In this paper, we propose an effective scheme based on both dynamic threshold and identifying Byzantine attackers for decision fusion at the FC.

The paper is organized as follows. In Section 2, we describe our system model including detection model and NMBA attacking model. In order to formulate the problem of distributed detection in WSNs clearly, we divide the process of decision fusion into three hierarchies or stages in this section. The attacks model of NMBA is proposed at the first stage which is different from independent Byzantine attacks and collaborative Byzantine attacks. The performance metric is also presented. In Section 3, we determine the optimal attacking strategy in the perspective of Byzantine attackers and closed-form expression for blinding region is derived. Comparison among IMBA, CMBA, and NMBA is also performed and numerical results are provided at the same time. From the perspective of network designer, we propose a fusion scheme based on dynamic threshold to make a reliable global decision and analyze how the FC identifies Byzantine attackers to enhance the fusion performance in Section 4. The attacking power is also estimated. Finally, we present our conclusion in Section 5.

2. System Model

2.1. Detection Model

A network with N sensor nodes which are spatially deployed in the ROI is considered. All sensor nodes in this network are independent on functionality. Each sensor makes a decision independently after detection. As illustrated in Figure 1, the sensor nodes which are denoted as symbol of plus are shown to be deployed on a regular grid and intensity of energy attenuated as the distance from the target that is represented as blue star increases. It is worth mentioning that the detection scheme based on harvesting energy is capable of handling any kind of deployment as long as the location information of each sensor node is available at the FC. The uniform sensor deployment shown in Figure 1 is only a special case. In any one kind of deployment, N sensor nodes can correctly detect a target when the target intrudes at the position $θ = (x_{t}, y_{t})$ , where $x_{t}$ and $y_{t}$ denote the coordinate of this target location in 2D Cartesian. We introduce an isotropic intensity of signal attenuation model as follows:

\begin{matrix} a_{i}^{2} = P_{0} {(\frac{d_{0}}{d_{E, i}})}^{n}, \end{matrix}

(1)

where

a_{i}

is the signal amplitude received at ith sensor and

P_{0}

is the emitted power measured at a reference distance

d_{0}

. n is the power decay exponent, and

d_{E, i}

is the Euclidean distance between the target and ith sensor:

\begin{matrix} d_{E, i} = \sqrt{{(x_{t} - x_{i})}^{2} + {(y_{t} - y_{i})}^{2}}, i = 1,2, \dots, N, \end{matrix}

(2)

in which

(x_{i}, y_{i})

are the coordinate of ith sensor. For simplicity but without loss of generality in this paper, we let

n = 2

d_{0} = 1

[10]. As a result, (1) can be expressed as

\begin{matrix} a_{i}^{2} = \frac{P_{0}}{{(d_{E, i})}^{2}}, i = 1,2, \dots, N . \end{matrix}

(3)

Equation (3) is a quite general model for signal attenuation of electromagnetic wave that propagates isotropically in free space. However, when the signal of energy arrives at ith sensor, it has been contaminated by additive white Gaussian noise in practice. Therefore, the signal amplitude received at ith sensor is expressed as

r_{i} = a_{i} + n_{i}

, in which

n_{i}

is Gaussian noise which follows standard normal distribution. Here, we assume that all sensors in the network have the identical additive white Gaussian noise, that is,

n_{i} ~ N (μ, σ^{2})

i = 1,2, \dots, N

Figure 1

The sensors are deployed in a regular grid. Each sensor independently harvests the energy propagated from target.

Each sensor node needs to quantize the received signal of energy because of its limitations of bandwidth and energy and sends quantized binary measurements to the FC. Threshold of quantizers is adopted in this work for its simplicity of both easy implementation and analysis as follows:

\begin{matrix} {\tilde{d}}_{i} = \{\begin{cases} 1, & r_{i} > ς_{i}, \\ 0, & r_{i} < ς_{i}, \end{cases} \end{matrix}

(4)

where

{\tilde{d}}_{i}

and

ς_{i}

are local decisions made by ith sensor after quantizing the received signal and a predefined threshold adopted by ith sensor, respectively. In this paper, we assume that all of the sensors share the identical threshold; that is,

ς_{i} = ς

i = 1,2, \dots, N

In this work, the classical distribution detection model is taken into account where two hypotheses are considered. Each sensor solves hypothesis testing problem and makes a local decision on either hypothesis $H_{0}$ (target is absent) or $H_{1}$ (target is present). We consider the scenario that the adversary knows the complete information about the location of sensors and is capable of attacking all the sensors simultaneously. Due to the constraint of budget, the Byzantine attackers conquer only a part of nodes in the network to deteriorate capability of inference performance of network. These Byzantine sensors transmit false decision to the FC in order to deteriorate inference performance of the network. We assume that the channel between the FC and local sensors is error-free. The original or local one-bit decision generated at ith sensor node is denoted as ${\tilde{d}}_{i} \in \{0,1\}$ , $i = 1,2, \dots, N$ . Then the ith sensor reports one-bit decision $d_{i}$ to the FC where $d_{i} = {\tilde{d}}_{i}$ if ith sensor is Honest. For a Byzantine sensor, the local original decision $d_{i}$ need not be equal to ${\tilde{d}}_{i}$ in our attacks model.

Let $N_{H}$ and $N_{B}$ be the number of Honest and Byzantine sensors, respectively. The total number of sensors can be expressed as $N = N_{H} + N_{B}$ and the number of Byzantine sensor nodes $N_{B}$ is equal to $α \cdot N$ . In the perspective of Byzantine attackers, conquering N sensors is not a wise strategy for the adversary itself at the risk of exposed activity. The main goal of adversary is to compromise a fraction of sensors to degrade the performance of the FC instead of capturing the network with a huge cost. Therefore, we have $N_{B} < N$ . We use $P_{d}^{H} (i) = \Pr ({\tilde{d}}_{i} = 1 | H_{1}, H)$ and $P_{fa}^{H} (i) = \Pr ({\tilde{d}}_{i} = 1 | H_{0}, H)$ to denote the probability of detection and false-alarm of ith sensor, respectively. We use H to present a sensor node to be Honest and $i \in \{1,2, \dots, N_{H}\}$ . The detection probability of ith sensor can be expressed as

\begin{matrix} P_{d}^{H} (i) = \Pr ({\tilde{d}}_{i} = 1 | H_{1}, H) = \Pr (a_{i} + n_{i} > ς_{i}) = Q (\frac{ς_{i} - a_{i} - μ}{σ}) . \end{matrix}

(5)

Similarly, the false-alarm probability of

i t h

sensor can be expressed as

\begin{matrix} P_{fa}^{H} (i) = \Pr (n_{i} > ς_{i}) = Q (\frac{ς_{i} - μ}{σ}), \end{matrix}

(6)

where

Q (\cdot)

is the complementary distribution function of the standard Gaussian

\begin{matrix} Q (x) = \int_{x}^{\infty} \frac{1}{\sqrt{2 π}} e^{- t^{2} / 2} d t . \end{matrix}

(7)

When a target intrudes into the ROI, each sensor node starts to sense and record the energy propagated from the target using detection scheme based on harvesting energy [21]. We let each sensor perform K observations in a small time window T where target is assumed to be static. This is a reasonable assumption. For example, if the sampling rate of each sensor is 6000 Hz, a target with a speed of 100 km/h only moves 0.25 m during

T = 54

sampling intervals [22]. The jth observation at ith sensor node can be expressed as

{\tilde{d}}_{i j}

i \in \{1,2, \dots, N\}

and

j \in \{1,2, \dots, K\}

. A local/original decision matrix

\tilde{D} = {[{\tilde{d}}_{1}, {\tilde{d}}_{2}, \dots, {\tilde{d}}_{N}]}^{T}

is generated where

{\tilde{d}}_{i} = {({\tilde{d}}_{i 1}, {\tilde{d}}_{i 2}, \dots, {\tilde{d}}_{i K})}^{T}

is the vector of local/original decision at the ith sensor node. And

{\tilde{d}}_{i j} \in \{0,1\}

i \in \{1,2, \dots, N\}

and

j \in \{1,2, \dots, K\}

. The FC receives N vectors of decisions from local sensors. Then, a decision matrix

D = {[d_{1}, d_{2}, \dots, d_{N}]}^{T}

is formulated at the FC; that is,

D = {(d_{i j})}_{N \times K}

, where

d_{i j} \in \{0,1\}

i \in \{1,2, \dots, N\}

and

j \in \{1,2, \dots, K\}

. The local/original decision matrix

\tilde{D}

is equal to D if there is no presence of Byzantine attackers.

In order to formulate the problem in the process of decision fusion, we divide the process into three hierarchies/stages. As illustrated in Figure 2, ith sensor makes a local/original vector of ${\tilde{d}}_{i}$ and sends the vector $d_{i}$ into the FC after ${\tilde{d}}_{i}$ is probably “attacked” at the first stage. A decision matrix D is formulated from which the vector of global decision $z = (z_{1}, z_{2}, \dots, z_{K})$ is mapped at the second stage. At the last stage, a global-final decision z is mapped from vector z at the FC.

Figure 2

Model of three hierarchies. ${\tilde{d}}_{i}$ is the vector of local decision made by ith sensor $S_{i}$ , $d_{i}$ is the vector of decision sent to the FC, $i = 1,2, \dots, N$ . $D_{N \times K}$ is the decision matrix formulated at the FC, z is global decision vector, and z is global-final decision.

2.2. Byzantine Attacks Model

In the attacks model of NMBA, the ith Byzantine sensor has exactly $M_{i} - 1$ ( $i = 1,2, \dots, N_{B}$ ) neighbors to consult and $M_{i} \leq N_{H}$ . In order to facilitate analysis, we assume that the scenario of many Byzantine sensors flocking together does not happen. Namely, the whole Byzantine sensor nodes are deployed sparsely by intelligent adversary in the ROI. In the case of N sensors deployed on a regular grid, NMBA has several neighborhood types including diamond type and square type. For each Byzantine sensor, its neighborhood nodes are those sensors that are the nearest and Honest around it in specific neighborhood type. We assume that each Byzantine sensor knows the identifications of the remaining compromised sensors. Each Byzantine sensor consults all of its neighborhood nodes to make a wise and tricky decision. In Figure 3, the type of square neighborhood is presented and the case of $M_{i} = M = 9$ is considered. Clearly, each Byzantine sensor node consults its eight neighbors and makes a decision based on decisions from its neighbors.

Figure 3

Square type of NMBA in the case of M. The blue star is a intruding target and symbol plus is denoted as sensor. Byzantine sensors are denoted as plus symbol covered with diamond. Each Byzantine sensor has 9 decisions after consulting its 8 neighborhood nodes.

We make the conditional i.i.d. assumption under which observations from sensors are conditionally independent and identically distributed. The jth observation at ith sensor then has the distributions

\begin{matrix} H_{0} : v_{i j} (k) = \Pr (d_{i j} = k | H_{0}) = (1 - α) \Pr (d_{i j} = k | H_{0}, H) + α \Pr (d_{i j} = k | H_{0}, B), \\ H_{1} : u_{i j} (k) = \Pr (d_{i j} = k | H_{1}) = (1 - α) \Pr (d_{i j} = k | H_{1}, H) + α \Pr (d_{i j} = k | H_{1}, B) \\ i \in \{1,2, \dots, N\}, j \in \{1,2, \dots, K\}, k \in \{0,1\} . \end{matrix}

(8)

If ith sensor is Honest, its observation

k \in \{0,1\}

follows distributions p and q under hypotheses

H_{0}

and

H_{1}

, respectively. Therefore, we have

\begin{matrix} H_{0} : \Pr ({\tilde{d}}_{i j} = k | H_{0}, H) = q_{i j} (k), \\ H_{1} : \Pr ({\tilde{d}}_{i j} = k | H_{1}, H) = p_{i j} (k), \\ i = 1,2, \dots, N_{H} . \end{matrix}

(9)

According to (5), (6), and (7), we get

\begin{matrix} p_{i j} (1) = Q (\frac{ς - a_{i} - μ}{σ}), \\ p_{i j} (0) = 1 - p_{i j} (1), \\ q_{i j} (1) = Q (\frac{ς - μ}{σ}), \\ q_{i j} (0) = 1 - q_{i j} (1) . \end{matrix}

(10)

Similarly, we have distributions x and y under the same hypotheses for Byzantine sensor as follows:

\begin{matrix} H_{0} : \Pr ({\tilde{d}}_{i j} = k | H_{0}, B) = y_{i j} (k), \\ H_{1} : \Pr ({\tilde{d}}_{i j} = k | H_{1}, B) = x_{i j} (k), \\ i = 1,2, \dots, N_{B} . \end{matrix}

(11)

In the attacks model of NMBA, the ith Byzantine sensor makes an initial decision

c_{i 0}

independently and gets the

M_{i} - 1

decisions from its neighborhood sensors. As a result, a set of decisions

\{c_{i l} : l \in \{0,1, \dots, M_{i} - 1\}, c_{i l} \in \{0,1\}\}

is obtained where the

c_{i l}

represents the decision from the lth neighbor of ith Byzantine sensor. Then, the ith Byzantine sensor makes its local or original decision using a majority strategy, that is, the original local decision

{\tilde{d}}_{i j} = IF (\sum_{l = 0}^{M_{i} - 1} c_{i l} > η_{i})

, where

IF (\cdot)

and

η_{i}

are indicator function and threshold adopted by the ith Byzantine sensor, respectively. Therefore, we have the following equations:

\begin{matrix} y_{i j} (k) = \sum_{m = η_{i}}^{M_{i}} \sum_{π \in Γ}^{} \prod_{i = 1}^{m} q_{π (i) j} (k) \prod_{i = m + 1}^{M_{i}} (1 - q_{π (i) j} (k)), \\ x_{i j} (k) = \sum_{m = η_{i}}^{M_{i}} \sum_{π \in Γ}^{} \prod_{i = 1}^{m} p_{π (i) j} (k) \prod_{i = m + 1}^{M_{i}} (1 - p_{π (i) j} (k)), \end{matrix}

(12)

where

M_{i} \in \{1,2, \dots, N_{H}\}

1 \leq η \leq M_{i}

, and Γ denotes the set of all permutations of the

M_{i}

sensors. After using majority strategy to make a local decision, the ith Byzantine sensor flips confidently its decision with probability of

P_{flip} = 1

. Specifically, we have

\begin{matrix} \Pr (d_{i j} = k | {\tilde{d}}_{i j} = l, B) = \{\begin{cases} 1, & when l \neq k \\ 0, & when l = k \end{cases} k, l \in \{0,1\} . \end{matrix}

(13)

Thus, we get

\begin{matrix} \Pr (d_{i j} = k | H_{0}, B) = \sum_{l \neq k}^{} \Pr ({\tilde{d}}_{i j} = l | H_{0}, B) \Pr (d_{i j} = k | {\tilde{d}}_{i j} = l, H_{0}, B) + \sum_{l = k}^{} \Pr ({\tilde{d}}_{i j} = l | H_{0}, B) \Pr (d_{i j} = k | {\tilde{d}}_{i j} = l, H_{0}, B), \\ \Pr (d_{i j} = k | H_{1}, B) = \sum_{l \neq k}^{} \Pr ({\tilde{d}}_{i j} = l | H_{1}, B) \Pr (d_{i j} = k | {\tilde{d}}_{i j} = l, H_{1}, B) + \sum_{l = k}^{} \Pr ({\tilde{d}}_{i j} = l | H_{1}, B) \Pr (d_{i j} = k | {\tilde{d}}_{i j} = l, H_{1}, B) . \end{matrix}

(14)

Therefore, we have

\begin{matrix} \Pr (d_{i j} = 0 | H_{0}, B) = \Pr ({\tilde{d}}_{i j} = 1 | H_{0}, B) = y_{i j} (1), \\ \Pr (d_{i j} = 1 | H_{0}, B) = \Pr ({\tilde{d}}_{i j} = 0 | H_{0}, B) = y_{i j} (0), \\ \Pr (d_{i j} = 0 | H_{1}, B) = \Pr ({\tilde{d}}_{i j} = 1 | H_{1}, B) = x_{i j} (1), \\ \Pr (d_{i j} = 1 | H_{1}, B) = \Pr ({\tilde{d}}_{i j} = 0 | H_{1}, B) = x_{i j} (0) . \end{matrix}

(15)

Substituting (9) and (15) in (8) and after simplification, we obtain

\begin{matrix} v_{i j} (k) = \Pr (d_{i j} = k | H_{0}) = (1 - α) [k q_{i j} (k) + (1 - k) (1 - q_{i j} (k))] + α y_{i j} (1 - k), \begin{matrix}  \end{matrix} \\ u_{i j} (k) = \Pr (d_{i j} = k | H_{1}) = (1 - α) [k p_{i j} (k) + (1 - k) (1 - p_{i j} (k))] + α x_{i j} (1 - k) . \end{matrix}

(16)

2.3. Performance Metric

In the perspective of Byzantine attackers, the primary objective is to deteriorate the inference performance of FC as much as possible. On the contrary, the FC wants to make inference performance as much highly excellent as possible in order to guarantee valid detection. In this paper, we adopt Kullback-Leibler divergence (KLD) as the network performance that characterizes inference performance at the FC. KLD is very important in probability theory and is widely employed as information-theoretic distance measure to characterize detection performance [23, 24]. The KLD between the distributions $v_{i j} (k) = \Pr (d_{i j} = k | H_{0})$ and $u_{i j} (k) = \Pr (d_{i j} = k | H_{1})$ for ith sensor can be expressed as

\begin{matrix} KLD (u_{i j} ∥ v_{i j}) = \sum_{k \in \{0,1\}}^{} u_{i j} (k) \log \frac{u_{i j} (k)}{v_{i j} (k)} . \end{matrix}

(17)

The FC receives ith sensor's decisions

v_{i j} (k)

and

u_{i j} (k)

under

H_{0}

and

H_{1}

, respectively. In the perspective of Byzantine attackers, they try to minimize the KLD as much as possible so that the FC can hardly make a right decision between

H_{0}

and

H_{1}

. On the other hand, network designer wants to maximize KLD of each sensor's decision to mitigate the negative effect caused by Byzantine attackers. In the next section, we explore the optimal strategy of Byzantine attacks that impair the detection performance as much as possible by minimizing KLD.

3. Optimal Strategy for Byzantine Attackers

3.1. Optimal Strategy for Byzantine Attacks

As explored in Section 2, the Byzantine attackers attempt to make the nodes that have been compromised have small KL divergence as much as possible. Byzantine attackers have the optimal superiority on degrading inference performance of FC when $KLD$ is equal to zero. In the case of $KLD = 0$ , the FC cannot distinguish the distributions under $H_{0}$ or $H_{1}$ . In other words, the data from sensors conveys no information. We refer to this case as the FC being blinded completely when

\begin{matrix} u_{i j} (k) = \Pr (d_{i j} = k | H_{1}) = \Pr (d_{i j} = k | H_{0}) = v_{i j} (k) . \end{matrix}

(18)

Substituting (16) in (18) and after simplification, the condition to make

KLD (v_{i j} (k) ∥ u_{i j} (k)) = 0

is equivalent to

\begin{matrix} α = \frac{p_{i j} (1) - q_{i j} (1)}{(p_{i j} (1) - q_{i j} (1)) + (x_{i j} (1) - y_{i j} (1))} = \frac{p_{i j} (1) - q_{i j} (1)}{(p_{i j} (1) - q_{i j} (1)) + f (M_{i}, η_{i}, p_{i j} (1), q_{i j} (1))}, \end{matrix}

(19)

where the close-form expression of function

f (\cdot)

is denoted as the following equation:

\begin{matrix} f (M_{i}, η_{i}, p_{i j} (1), q_{i j} (1)) = \sum_{m = η_{i}}^{M_{i}} \sum_{π \in Γ}^{} \prod_{i = 1}^{m} p_{π (i) j} (1) \prod_{i = m + 1}^{M_{i}} (1 - p_{π (i) j} (1)) - \sum_{m = η_{i}}^{M_{i}} \sum_{π \in Γ}^{} \prod_{i = 1}^{m} q_{π (i) j} (1) \prod_{i = m + 1}^{M_{i}} (1 - q_{π (i) j} (1)), \end{matrix}

(20)

where

M_{i}

and

η_{i}

are the number of neighborhood nodes and threshold adopted by ith Byzantine sensor, respectively.

As mentioned above, the KL distance between $v_{i j} (k)$ and $u_{i j} (k)$ is equal to zero; that is, $KLD (v_{i j} ∥ u_{i j}) = 0$ , if and only if $v_{i j} (k) = u_{i j} (k)$ . The FC is incapable of distinguishing the two distributions under $H_{0}$ and $H_{1}$ when KLD is equal to zero. The attackers then project interests in the minimum attacking power that can just make the ability of inference of the FC destroyed. Thus, the minimum attacking power in the context of NMBA is denoted as

\begin{matrix} α_{blind} = \min \{α; α that make KLD (u_{i j} ∥ v_{i j}) = 0\} . \end{matrix}

(21)

For the sake of minimizing α to reach

α_{blind}

, we have the following equation depending on operating point

(p_{i j} (1), q_{i j} (1))

\begin{matrix} α_{blind} = \frac{p_{i j} (1) - q_{i j} (1)}{(p_{i j} (1) - q_{i j} (1)) + \max \{f (M_{i}, η_{i}, p_{i j} (1), q_{i j} (1))\}} . \end{matrix}

(22)

Because of

0 < p_{i j} (1) - q_{i j} (1) \leq 1

, we have the following inequality:

\begin{matrix} α_{blind} \leq \frac{1}{1 + \max \{f (M_{i}, η_{i}, p_{i j} (1), q_{i j} (1))\}} . \end{matrix}

(23)

To prove inequality (23), we apply the monotonic property of the function of

x / (x + 1)

. Due to the function possessing differentiability, we have the following inequality:

\begin{matrix} \frac{d}{d x} (\frac{x}{x + 1}) = \frac{1}{{(x + 1)}^{2}} > 0 . \end{matrix}

(24)

Therefore,

x / (x + 1)

is a monotonically increasing function when

0 \leq x \leq 1

. As a result, inequality (23) is certified. After certifying (23), we have the following equation:

\begin{matrix} η_{i_opt} = ceil (\frac{M_{i}}{2}), \end{matrix}

(25)

where

ceil (\cdot)

is the ceiling function. Therefore, function

f (\cdot)

in (19) reaches the maximum value point only when

η_{i} = η_{i_opt}

. Therefore, for a pair of fixed operating points

(p_{i j} (1), q_{i j} (1))

, we have

\begin{matrix} \max f = f (M_{i}, ceil (\frac{M_{i}}{2}), p_{i j} (1), q_{i j} (1)) \end{matrix}

(26)

and (22) can be represented as

\begin{matrix} α_{blind} = \frac{p_{i j} (1) - q_{i j} (1)}{(p_{i j} (1) - q_{i j} (1)) + \max f} . \end{matrix}

(27)

When the intelligent adversary poses attacking power α which is greater than

α_{blind}

, the FC is trapped into a dilemma where the decider cannot utilize any information from sensors to make a correct decision. The situation refers to the fusion center's entering into the blinding region where the FC is blinded completely.

3.2. Numerical Results

In this subsection, numerical results are presented to support our analysis of optimal attacking strategy for Byzantine attackers. We consider the network where $N = 100$ sensors are deployed on regular grid in the ROI under the Byzantine attacks model of NMBA. We set the power at the reference point ( $d_{0} = 1$ ) as 200 and the signal amplitude arriving at the local sensor is contaminated by AWGN with mean value $μ = 0$ and standard deviation $σ = 3$ . A target intrudes at position $θ = (90,90)$ . We consider the square type of NMBA where all the Byzantine sensors adopt identical number of neighborhood nodes and optimal threshold; that is, $M = M_{i}$ and $η = η_{i_o p t}$ , $i = 1,2, \dots, N_{B}$ . Attacking power α is observed in the case of square type of NMBA over $M \in \{1,2, \dots, N_{H}\}$ and $η \in \{1,2, \dots, M\}$ . In the blinding region, the FC is incapable of utilizing any information to make a decision to determine whether there is a target in the ROI. Byzantine users try to pay as much low cost as possible when the FC has been completely blinded by them. Attacking power α in blinding region is a convex function of threshold η under the NMBA attacking model. Therefore, it is possible for Byzantine attackers to adopt the least attacking power to blind the FC. From the numerical results presented in Figure 4, we see that the attacking power α reaches minimum value only when $η = 5$ in the case of NMBA when $M = 9$ . The minimum value of α is equal to 0.3844. The result is intuitive and also indicates that the optimal threshold associates with the number of neighborhood nodes, M. The other cases of NMBA are presented in Table 1. We observe that the minimum value of $α_{b l i n d}$ is just obtained at the point where the optimal threshold η is got. In Figure 5, we present that optimal threshold increases with the increase in the value of M. We observe that $η_{opt}$ is always equivalent to $M / 2$ when M is even and $η_{opt}$ is equal to the maximum integer that is not larger than $M / 2$ when M is odd. It is clear that optimal threshold Byzantine attacker associates with the number of its neighborhood. In Figures 6 and 7, it is shown that $α_{b l i n d}$ is the monotonically decreasing function of M in the condition that η is always equal to $η_{o p t}$ . As illustrated in Figures 5 and 6, IMBA is a particular case when $M = 1$ . Under condition of $M = 1$ , each Byzantine sensor makes a judgement only depending on its own observation and flips its decision confidently prior to sending to the FC. When $M = 2$ , each Byzantine sensor consults with two neighborhood nodes around it before making a decision and the minimum attacking power in the blinding region is equal to 0.5. When M is equal to 2, the attacking effect brought by NMBA matches with IMBA. $α_{b l i n d}$ of NMBA decreases monotonically with the increase of M and it reaches 0.3844 when M increases to 9. $α_{b l i n d}$ decreases to 0.3752 when M increases to 25. The exact value of $α_{b l i n d}$ corresponding to M and $η_{o p t}$ is presented in Table 2. In addition, as we can see from Figures 6 and 7, the number of neighborhood nodes that each Byzantine sensor node consults including itself should be odd for better attacking efficiency. To further analyze the attacks of NMBA, we compare it with IMBA and CMBA in terms of KL distance about attacking power. As we discussed above, IMBA is a special case of NMBA when $M = 1$ . L out of $N_{B}$ fusion rule has been used for CMBA among the Byzantine sensors. And Byzantine sensors collaborate together to make decisions about the presence of target. If the attacking power is greater than 0.5, the FC can be blinded completely by any kinds of attacking strategies adopted by Byzantine attackers. Therefore, our analysis about detection performance is under the condition of $α \leq 0.5$ . In Figures 8 and 9, we plot the $K L D$ of three attacking models against α in the case $M = 9$ and $M = 25$ , respectively. From the numerical results presented in Figures 8 and 9, we can see that the $K L D$ of NMBA is very close to CMBA and outperforms IMBA significantly. Though the performance of NMBA is very close to CMBA, the difference of KL distance between them varies with attacking power. In Figures 8 and 9, KL distance of CMBA is greater than that of NMBA in the region of $α \in [0,0.09]$ and $α \in [0,0.25]$ , respectively. However, CMBA performs better when α meets the condition of $α \geq 0.09$ and $α \geq 0.025$ in Figures 8 and 9, respectively. For CMBA, the blinding point C which is marked by black-square in Figures 8 and 9 is determined by the total number of Byzantine sensor nodes instead of M. For NMBA, the blinding point B which is marked by blue-square in Figures 8 and 9 is determined by the number of neighborhood nodes. For NMBA, M is larger and $α_{b l i n d}$ is smaller. Furthermore, $α_{b l i n d} = 0.3844$ and $α_{b l i n d} = 0.3751$ when M is equal to 9 and 25, respectively.

Table 1

α at $(M, η)$ , $M \in \{1,2, \dots, 9 \}$ and $η \leq M$ .

$M / α$	η
$M / α$	1	2	3	4	5	6	7	8	9
1	0.5000
2	0.5000	0.5000
3	0.5434	0.4310	0.5434
4	0.5952	0.4310	0.4310	0.5952
5	0.6469	0.4509	0.4042	0.4509	0.6469
6	0.6959	0.4785	0.4042	0.4042	0.4785	0.6959
7	0.7410	0.5100	0.4145	0.3913	0.4145	0.5100	0.7410
8	0.7814	0.5438	0.4298	0.3913	0.3913	0.4298	0.5438	0.7814
9	0.8171	0.5790	0.4484	0.3970	0.3844	0.3970	0.4484	0.5790	0.8171

Table 2

$α_{b l i n d}$ at $(M, η_{o p t})$ , $M \in \{1,2, \dots, 9 \}$ and $η_{o p t} = c e i l (M / 2)$ .

$M / η_{o p t}$	1/1	2/1	3/2	4/2	5/3	6/3	7/4	8/4	9/5
$α_{b l i n d}$	0.5000	0.5000	0.4310	0.4310	0.4042	0.4042	0.3913	0.3913	0.3844

Figure 4

Attacking power α versus η when $M = 9$ , η varying from 1 to 9. Byzantine sensors have the smallest α when $η = 5$ .

Figure 5

Optimal threshold η versus M, M varying from 1 to 9. The optimal threshold increases with the increment of M and it is always equal to $ceil (M / 2)$ .

Figure 6

$α_{blind}$ versus M, M varying from 1 to 9 in condition of $η = η_{opt}$ . $α_{blind}$ monotonically decreases with M. It is clear that Byzantine attacker more easily blinds the FC when each Byzantine sensor has more neighborhood nodes.

Figure 7

$α_{blind}$ versus M, M varying from 1 to 25 in condition of $η = η_{opt}$ . $α_{blind}$ monotonically decreases with M. It is clear that Byzantine attacker more easily blinds the FC when each Byzantine sensor has more neighborhood nodes.

Figure 8

KLD decreases monotonically with attacking power α when $M = 9$ . KLD of IMBA decreases to 0 when $α = 0.5$ . KLD of NMBA decreases to 0 when $α = 0.3844$ in the condition of $η = η_{opt}$ . KLD of CMBA decreases to 0 when $α = 0.35$ .

Figure 9

KLD decreases monotonically with attacking power α when $M = 25$ . KLD of IMBA decreases to 0 when $α = 0.5$ . KLD of NMBA decreases to 0 when $α = 0.3752$ in the condition of $η = η_{opt}$ . KLD of CMBA decreases to 0 when $α = 0.35$ .

4. Fusion Center Decision Strategy

In this section, let us solve the problem of identifying Byzantine attackers to enhance inference performance of the FC. In order to explain the problem well, we have defined three types of decision which include local/original decision, global decision, and global-final decision. As we discussed in Section 2, a decision matrix $D_{N \times K}^{t} = {(d_{i j} (t))}_{N \times K}$ is formulated at the FC after K observations in a time window T at tth global-final decision making, $t \in N^{+}$ . We let the FC make a corresponding global decision $z_{j} (t)$ over vector of decision $d_{j}^{t}$ at jth observation. And a vector of global decision $z (t) = (z_{1} (t), z_{2} (t), \dots, z_{K} (t))$ is formulated over $\{d_{1}^{t}, d_{2}^{t}, \dots, d_{K}^{t}\}$ , $z_{j} (t) \in \{0,1\}$ for any $t \in N^{+}$ , $j = 1,2, \dots, K$ . Majority vote which is simple and effective scheme is adopted to make a global-final decision $z (t) \in \{0,1\}$ over the vector $z (t)$ , where “1” represents the presence of target and “0” represents the absence of target, respectively. However, we project our focus on designing a rule to construct vector of global decision $z (t)$ . We propose a scheme of making global decision that the FC can adaptively adjust its threshold $η_{f c} (t, j)$ for $d_{j}^{t}$ to make a corresponding global decision $z_{j} (t)$ . The information of elements in decision matrix $D_{N \times K}^{t}$ is also utilized to estimate probability of miss detection and false alarm, respectively. In order to evaluate the fusion scheme, performance metric introduced in this work is the accuracy of fusion scheme in terms of identifying Byzantine sensors.

We define an intuitive distance between the global-final decision and local/original decisions as

\begin{matrix} |d_{j}^{t}| = \sum_{i = 1}^{N} |d_{i j} (t) - z (t)| . \end{matrix}

(28)

Similarly, another intuitive distance is also defined as the following equation:

\begin{matrix} |d_{i}^{t}| = \sum_{j = 1}^{K} |d_{i j} (t) - z (t)| . \end{matrix}

(29)

In (29),

|d_{i}^{t}|

measures the degree of discrepancy between the global-final decision and K local/original decisions that are from ith sensor. Similarly,

|d_{j}^{t}|

in (28) measures the degree of discrepancy between the global-final decision and N local/original decisions generated at jth observation. The distance

|d_{i}^{t}|

is larger and the ith sensor is closer to behavior of Byzantine. On the contrary, the distance of

|d_{i}^{t}|

is smaller and the probability of ith sensor being tagged as Byzantine attacker by the FC is lower. Similarly, when the distance of

|d_{j}^{t}|

is larger, the decision generated at jth observation is worse. The FC regards the jth observation as excellent and we believe that the network performs well when

|d_{j}^{t}|

is small. For simplicity, we let probability of miss detection equal probability of false alarm; that is,

P_{m} = P_{fa}

in the context of the attacks model of NMBA.

4.1. Scheme of Identifying Byzantine Attackers

If one sensor's local/original decision is different from global-final decision, it is labeled as Byzantine. It is worth mentioning that Honest sensors are classified probably into Byzantine group when they behave like Byzantine. Similarly, the Byzantine attackers can also be probably labeled as Honest. We use $N_{0} (t, j)$ and $N_{1} (t, j)$ to denote the total effective number of elements “0” and “1” in decision matrix, respectively. $N_{0} (t, j)$ and $N_{1} (t, j)$ vary with the order of j and take part in making global decision. Here, we represent (28) and (29) again as follows:

\begin{matrix} |d_{j}^{t}| = \sum_{i \in I (t, j)}^{} |d_{i j} (t) - z (t)|, \\ |d_{i}^{t}| = \sum_{k = 1}^{K} |d_{i k} (t) - z (t)|, i \in I (t, j), \end{matrix}

(30)

where

I (t, j)

is defined at (37).

Proposition 1.

Suppose the network with N sensors including Byzantine and Honest, where the probability of miss detection and false-alarm is zero, that is, $P_{m} = P_{f a} = 0$ , and Byzantine attackers always know the true natural state. Attacking power brought by the attackers is estimated through the following expression:

\begin{matrix} \hat{α} (t) = \frac{\min \{N_{0} (t), N_{1} (t)\}}{N}, \end{matrix}

(31)

where

N_{0} (t)

and

N_{1} (t)

are denoted as the total number of “0” and “1,” respectively.

Proof.

See Appendix A.

Based on Proposition 1 and constrained by its conditions, we have the following equation for estimating the attacking power at the global decision making:

\begin{matrix} \hat{α} (t, j) = \frac{\min \{N_{0} (t, j), N_{1} (t, j)\}}{N_{0} (t, j) + N_{1} (t, j)} . \end{matrix}

(32)

Taking the scenario of Byzantine attackers without knowledge about true natural state into consideration in practical application, we have the following.

Proposition 2.

Suppose the network of size N containing both Honest sensors and Byzantine sensor nodes, where decision matrix $D_{N \times K}^{t}$ is made at tth global-final decision after N sensors taking K observations in the time window T. The network is not completely blinded by adversary. The estimation of least attacking power has a lower bound which can be expressed as

\begin{matrix} \hat{α} (t, j) \geq \frac{\min \{N_{0} (t, j), N_{1} (t, j)\} - K \cdot [\max_{k} (|d_{k}^{t}|) - \min_{k} (|d_{k}^{t}|)]}{n (t, j) \cdot K}, k \in \{1,2, \dots, K\} . \end{matrix}

(33)

It is clear that

\hat{α} (t, 0) = 0

and

n (t, 0) = N

t \in N^{+}

. In (33),

[\max_{k} (|d_{k}^{t}|) - \min_{k} (|d_{k}^{t}|)]

is used to compute the maximum distance of decisions between two certain vectors of observation which are from two sensors tagged as Honest at the

(j - 1)

th global decision making.

Proof.

See Appendix B.

Here, we let

\begin{matrix} \hat{α} (t, j) = \frac{\min \{N_{0} (t, j), N_{1} (t, j)\} - K \cdot [\max_{j} (|d_{j}^{t}|) - \min_{j} (|d_{j}^{t}|)]}{n (t, j) \cdot K} \end{matrix}

(34)

during the process of identifying Byzantine sensors. After estimating the attacking power,

\hat{α} (t, j)

, the FC approximately knows how many sensors have been compromised by an adversary among

n (t, j)

sensors that participate in the jth global decision making. The FC then takes an action to identify

\hat{α} (t, j) \cdot n (t, j)

Byzantine sensors to help the next global decision making.

L (t, j)

is defined as the set of identities of sensors that are tagged as Honest at the

(j - 1) th

. These sensors will participate in the jth global decision making. It is clear that

L (t, 0) = \{i ∥ i = 1,2, \dots, N\}

t \in N^{+}

. We define a sequence

I_{N} (t, j)

over

\{|d_{i}^{t}| | i \in L (t, j - 1)\}

, in which

{|d_{i}^{t}|}^{m}

is used for presenting the element with order m,

m \in \{1,2, \dots, n (t, j)\}

. If

{|d_{i}^{t}|}^{m} > {|d_{l}^{t}|}^{n}

, then

m > n

. The identity i is greater than l when

m > n

{|d_{i}^{t}|}^{m} = {|d_{l}^{t}|}^{n}

i < l

when

m < n

; otherwise,

i, l \in L (t, j - 1)

m, n \in \{1,2, \dots, n (t, j)\}

. The sequence can be expressed as

\begin{matrix} I_{N} (t, j) = \{{|d_{i}^{t}|}^{n (t, j)}, {|d_{i}^{t}|}^{n (t, j) - 1}, \dots, {|d_{i}^{t}|}^{1} | i \in L (t, j - 1)\}, \end{matrix}

(35)

where

\forall m \in \{1,2, \dots, n (t, j)\}, {|d_{i}^{t}|}^{m}

matches only a specific identity. There are

n (t, j)

identities and

|I_{N} (t, j)| = n (t, j)

. In order to find the sequence of

d_{i}^{t}

, we define a function

ID (\cdot)

over

I_{N} (t, j)

\begin{matrix} n = ID (d_{i}^{t}) = \sum_{l \in L (t, j - 1)}^{} IF (|d_{l}^{t}| > {|d_{i}^{t}|}^{n}) + \sum_{l \in L (t, j - 1)}^{} IF (|d_{l}^{t}| = {|d_{i}^{t}|}^{n} | l > j), n \in \{1,2, \dots, n (t, j)\}, \end{matrix}

(36)

where

IF (\cdot)

is an indicator function, and

IF (true) = 1

and

IF (false) = 0

The FC have obtained the approximate knowledge about the attacking power posed by the adversary at jth global decision making. The FC has also known each sensor's sequence in $I_{N} (t, j)$ . Therefore, sensors whose sequences are dropped into the region from $n (t, j)$ to $\{n (t, j) \cdot [1 - \hat{α} (t, j)] + 1\}$ are judged to be Byzantine attackers. The decisions from Byzantine attackers are removed at the $(j + 1) th$ global decision making. The identities of remaining sensors which are trusted by the FC at jth global decision making can be expressed as

\begin{matrix} I (t, j) = \{i | ID (d_{i}^{t}) < \hat{α} (t, j) \cdot n (t, j), i \in L (t, j - 1)\} \end{matrix}

(37)

and

I (t, j) \subseteq L (t, j - 1)

. The attacking power at tth global-final decision making is estimated by the following equation:

\begin{matrix} \hat{α} (t) = \frac{N - n (t, K)}{N} . \end{matrix}

(38)

4.2. Rule of Decision Fusion Based on Dynamic Threshold

As we described in Section 2, the process of making a global-final decision is divided into three stages. A local/original decision matrix ${\tilde{D}}_{N \times K}^{t}$ is generated at the first stage. A decision matrix $D_{N \times K}^{t}$ is formulated after ${\tilde{D}}_{N \times K}^{t}$ being probably attacked. A vector of global decision $z (t) = (z_{1} (t), z_{2} (t), \dots, z_{K} (t))$ is computed and obtained over vectors of decision $\{d_{1}^{t}, d_{2}^{t}, \dots, d_{K}^{t}\}$ through applying a policy of fusion at the middle stage. At last, the decider at the FC has a global-final decision $z (t)$ . In this paper, we put our focus on proposing an effective method of decision fusion to get an excellent vector of global decision $z (t)$ , which can easily help to make a global-final decision $z (t)$ at the last stage. The rule of decision fusion based on dynamic threshold is that threshold ( $η_{f c} (t, j)$ ) for jth global decision making varies with j. The number of sensors which participate in jth global decision making is denoted as $n (t, j)$ . In addition, $n (t, j)$ always associates with $n (t, j - 1)$ tightly, which is expressed as

\begin{matrix} n (t, j) = n (t, j - 1) \cdot [1 - \hat{α} (t, j - 1)] . \end{matrix}

(39)

Here, q out of m fusion rule in [13] has been used for designing threshold

η_{f c} (t, j)

, which is given by

\begin{matrix} η_{fc} (t, j) = floor (a \cdot n (t, j) + \sqrt{b \cdot n (t, j)} Q^{- 1} (1 - β)), \end{matrix}

(40)

where

f l o o r (\cdot)

is a floor function and

Q^{- 1} (\cdot)

is the inverse function of

Q (\cdot)

which has been introduced in Section 2. β is a predefined constraint of miss detection. a and b are given by

\begin{matrix} a = [1 - \hat{α} (t, j)] \cdot p_{i j} (1) + \hat{α} (t, j) \cdot x_{i j} (1), \end{matrix}

(41)

\begin{matrix} b = [1 - \hat{α} (t, j)] \cdot p_{i j} (1) \cdot (1 - p_{i j} (1)) + \hat{α} (t, j) \cdot y_{i j} (1) \cdot (1 - y_{i j} (1)), \end{matrix}

(42)

respectively. Therefore, we get the jth global decision

z_{j} (t)

\begin{matrix} z_{j} (t) = IF (\sum_{i}^{} d_{i j} (t) > η_{fc} (t, j) | i \in L (t, j - 1)) . \end{matrix}

(43)

In order to evaluate the identifying scheme, we define $γ_{H H}$ , $γ_{H B}$ , $γ_{B H}$ , and $γ_{B B}$ as the accuracy of identifying Byzantine attackers. $γ_{H H}$ and $γ_{H B}$ are formulated as accuracy of Honest sensors tagged as Honest and Byzantine, respectively. Similarly, $γ_{B H}$ and $γ_{B B}$ are defined as accuracy of Byzantine sensors identified as Honest and Byzantine, respectively. We have the equations as follows:

\begin{matrix} γ_{H B} = \frac{N_{H B}}{N}, \\ γ_{H H} = \frac{n (t, K) - N_{B H}}{N}, \\ γ_{B H} = \frac{N_{B H}}{N}, \\ γ_{B B} = \frac{N - n (t, K) - N_{H B}}{N} . \end{matrix}

(44)

Therein,

N_{H B}

is the number of Honest sensors identified as Byzantine and the number of Byzantine sensors identified as Honest is denoted as

N_{B H}

N_{H}

and

N_{B}

have been described in Section 2.

4.3. Numerical Results

In this subsection, we analyze the performance of scheme of identifying Byzantine attackers through numerical results. There are also 100 sensor nodes that contain Byzantine and Honest nodes which are considered in our simulation. Meanwhile, global-final decision making is performed 100 times in our simulation. The power at the reference point ( $d_{0} = 1$ ) is set as 200 and the signal amplitude arriving at the local sensor has been contaminated by AWGN with mean value $μ = 0$ and standard deviation $σ = 3$ . A target intrudes at position $θ = (90,90)$ . The true attacking power is fixed to 0.3 and $β = 0.2$ .

In Figures 10, 11, 12, and 13, we show that $n (t, j)$ decreases following the increase of j and has stable tendency to a fixed level. The sum of $N_{0} (t, j)$ and $N_{1} (t, j)$ is always equal to $K \cdot n (t, j)$ and $N_{1} (t, j)$ is greater than $N_{0} (t, j)$ . $N_{0} (t, j)$ and $N_{1} (t, j)$ verge to $K \cdot N_{B}$ and $K \cdot N_{H}$ , respectively. And $\hat{α} (t, j) \to 0$ when j exceeds a certain number and $\hat{α} (t, j) = 0$ when $j \geq 7$ in the scheme of identifying Byzantine attackers. Threshold for global decision making varies with j and $η_{f c} (t, j)$ verges to constant value when $\hat{α} (t, j)$ is equal to zero. The attacking power is estimated after each global decision making. Part of sensors is judged to be Byzantine from $n (t, j)$ sensors. The left sensors then participate in next global decision making. With the conducting of global decision making, there are no sensors tagged as Byzantine until jth reaches a certain number. At the FC, the total number of sensors tagged as Byzantine is computed as $N - n (t, K)$ . We plot $γ_{H H}$ , $γ_{B B}$ , $γ_{H B}$ , and $γ_{B H}$ versus t in Figures 14 and 15 under different cases. As illustrated in Figures 14 and 15, $γ_{B B}$ is close to 0.3, which is black line with cross. And $γ_{H H}$ is close to 0.7, which is denoted as blue line with cross. $γ_{B H}$ and $γ_{H B}$ are presented as black line with star and blue line with star in the Figures 14 and 15, respectively. It is clear that few Byzantine sensors are judged to be Honest by this identifying scheme. In other words, the Byzantine attackers are almost found out. We also can find that the scheme performs well at identifying Byzantine attackers.

Figure 10

$n (t, j)$ , $N_{0} (t, j)$ , $N_{1} (t, j)$ , $α (t, j)$ , and $η_{f c} (t, j)$ are plotted versus j when $N = 100, K = 10, M = 9$ .

Figure 11

$n (t, j)$ , $N_{0} (t, j)$ , $N_{1} (t, j)$ , $α (t, j)$ , and $η_{f c} (t, j)$ are plotted versus j when $N = 100, K = 10, M = 25$ .

Figure 12

$n (t, j)$ , $N_{0} (t, j)$ , $N_{1} (t, j)$ , $α (t, j)$ , and $η_{f c} (t, j)$ are plotted versus j when $N = 100, K = 15, M = 9$ .

Figure 13

$n (t, j)$ , $N_{0} (t, j)$ , $N_{1} (t, j)$ , $α (t, j)$ , and $η_{f c} (t, j)$ are plotted versus j when $N = 100, K = 15, M = 25$ .

Figure 14

$γ_{H H}$ , $γ_{B B}$ , $γ_{H B}$ , and $γ_{B H}$ versus t. $γ_{H H}$ , $γ_{B B}$ , $γ_{H B}$ , and $γ_{B H}$ vibrate with t in different cases of M and K. $γ_{B B}$ is very close to 0.3 and $γ_{H H}$ vibrates under 0.7. $γ_{B H}$ is very close to 0 and $γ_{H B}$ vibrates above 0.

Figure 15

5. Conclusion

We have divided the process of data fusion into three hierarchies/stages in this paper. In addition, two problems have been put forward at the first and second stage, respectively. At the first stage, we proposed neighborhood malicious Byzantine attacks model. Distributed detection under neighborhood malicious Byzantine attacks has been taken into consideration. We have shown that NMBA is an intelligent strategy adopted by an adversary. The attacking performance of NMBA has also been analyzed. We have also proved that attacking effect of NMBA matches with CMBA's when the attacking power is lower 0.3844 and NMBA always outperforms IMBA in any case. It has been analyzed that data fusion is incapable when the attacking power enters the blinding region and the closed-form expression for blinding region has been derived. At the second stage, a data fusion rule based on dynamic threshold has been put forward and we have proposed an effective way of identifying Byzantine attackers. Consequently, we have shown that most Byzantine attackers are identified through the scheme and significant improvement of performance of this scheme in terms of accuracy is obtained. Based on the scheme of identifying Byzantine attackers, a data fusion scheme with dynamic threshold has been explored at this stage.

Footnotes

Appendices

Conflict of Interests

The authors declare that there is no conflict of interests regarding the publication of this paper.

Acknowledgments

The authors specifically acknowledge the financial support through the National Science Foundation of China (Grant no. 61001086), the Fundamental Research Funds for the Central University (Grant no. ZYGX2011X004), and the project Sponsored by Academic Training Funds, University of Electronic Science and Technology of China (Grant no. 201506075013).

References

Chamberland

J.-F.

Veeravalli

V. V.

Wireless sensors in distributed detection applications

IEEE Signal Processing Magazine 2007 24 3 16 25

10.1109/msp.2007.361598

2-s2.0-34249727076

Lamport

Shostak

Pease

The byzantine generals problem

ACM Transactions on Programming Languages and Systems 1982 4 3 382 401

10.1145/357172.357176

Chen

Jilkov

V. P.

X. R.

Optimizing decision fusion in the presence of byzantine data

Proceedings of the 17th International Conference on Information Fusion

July 2014

1 8

2-s2.0-84910678253

Stoica

Nehorai

Performance study of conditional and unconditional direction-of-arrival estimation

IEEE Transactions on Acoustics, Speech, and Signal Processing 1990 38 10 1783 1795

10.1109/29.60109

ZBL0732.62098

2-s2.0-0025503031

Liu

Joint TOA and DOA localization in indoor environment using virtual stations

IEEE Communications Letters 2014 18 8 1423 1426

10.1109/LCOMM.2014.2333006

2-s2.0-84906284041

Althunibat

Granelli

An objection-based collaborative spectrum sensing for cognitive radio networks

IEEE Communications Letters 2014 18 8 1291 1294

10.1109/LCOMM.2014.2329844

2-s2.0-84906235089

Wang

Niyato

Hossain

Dynamic spectrum access in cognitive radio networks with RF energy harvesting

IEEE Wireless Communications 2014 21 3 102 110

10.1109/MWC.2014.6845054

2-s2.0-84903763704

Marano

Matta

Tong

Distributed detection in the presence of Byzantine attacks

IEEE Transactions on Signal Processing 2009 57 1 16 29

10.1109/TSP.2008.2007335

2-s2.0-58649109373

Marano

Matta

Tong

Distributed inference in the presence of byzantine sensors

Proceedings of the 40th Asilomar Conference on Signals, Systems, and Computers (ACSSC '06)

November 2006

Pacific Grove, Calif, USA

281 284

10.1109/acssc.2006.356632

2-s2.0-44049083063

10.

Vempaty

Ozdemir

Agrawal

Chen

Varshney

P. K.

Localization in wireless sensor networks: byzantines and mitigation techniques

IEEE Transactions on Signal Processing 2013 61 6 1495 1508

10.1109/tsp.2012.2236325

2-s2.0-84875028178

11.

Rawat

A. S.

Anand

Chen

Varshney

P. K.

Collaborative spectrum sensing in the presence of byzantine attacks in cognitive radio networks

IEEE Transactions on Signal Processing 2011 59 2 774 786

10.1109/tsp.2010.2091277

2-s2.0-78651372721

12.

X. F.

Dai

H. Y.

Ning

A Byzantine attack defender: the conditional frequency check

Proceedings of the IEEE International Symposium on Information Theory (ISIT '12)

July 2012

Cambridge, Mass, USA

IEEE

975 979

10.1109/isit.2012.6284709

2-s2.0-84867514395

13.

Abdelhakim

Lightfoot

L. E.

Ren

Distributed detection in mobile access wireless sensor networks under byzantine attacks

IEEE Transactions on Parallel and Distributed Systems 2013 25 4 950 959

10.1109/tpds.2013.74

2-s2.0-84896320313

14.

Soltanmohammadi

Orooji

Naraghi-Pour

Decentralized hypothesis testing in wireless sensor networks in the presence of misbehaving nodes

IEEE Transactions on Information Forensics and Security 2012 8 1 205 215

10.1109/tifs.2012.2229274

2-s2.0-84872103134

15.

Kailkhura

Brahma

Han

Y. S.

Varshney

P. K.

Distributed detection in tree topologies with byzantines

IEEE Transactions on Signal Processing 2014 62 12 3208 3219

10.1109/TSP.2014.2321735

2-s2.0-84901437414

16.

Talarico

Schmid

N. A.

Alkhweldi

Valenti

M. C.

Distributed estimation of a parametric field: algorithms and performance analysis

IEEE Transactions on Signal Processing 2014 62 5 1041 1053

10.1109/tsp.2013.2288684

2-s2.0-84894529462

17.

Zhang

Koh

J. Y.

Lin

Nevat

Distributed event detection under byzantine attack in wireless sensor networks

Proceedings of the 9th IEEE International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP '14)

April 2014

Singapore

IEEE

1 6

10.1109/issnip.2014.6827609

2-s2.0-84903691900

18.

Liu

Wang

Rao

N. S. V.

Fusion of state estimates over long-haul sensor networks with random loss and delay

IEEE/ACM Transactions on Networking 2015 23 2 644 656

10.1109/tnet.2014.2303123

2-s2.0-84894256113

19.

El-Ayadi

M. H.

Nonstochastic adaptive decision fusion in distributed-detection systems

IEEE Transactions on Aerospace and Electronic Systems 2002 38 4 1158 1171

10.1109/taes.2002.1145740

2-s2.0-0036821520

20.

Laxhammar

Falkman

Online learning and sequential anomaly detection in trajectories

IEEE Transactions on Pattern Analysis and Machine Intelligence 2013 36 6 1158 1173

10.1109/tpami.2013.172

2-s2.0-84901845356

21.

Chen

Yang

Trappe

Martin

R. P.

Detecting and localizing identity-based attacks in wireless and sensor networks

IEEE Transactions on Vehicular Technology 2010 59 5 2418 2434

10.1109/tvt.2010.2044904

2-s2.0-77953789262

22.

Niu

Varshney

P. K.

Target location estimation in sensor networks with quantized data

IEEE Transactions on Signal Processing 2006 54 12 4519 4528

10.1109/TSP.2006.882082

2-s2.0-33947187995

23.

Cover

T. M.

Thomas

J. A.

Elements of Information Theory 1991

New York, NY, USA

John Wiley & Sons

10.1002/0471200611

24.

Kullback

Information Theory and Statistics 1997

New York, NY, USA

Dover

MR1461541

Distributed Detection in Wireless Sensor Networks under Byzantine Attacks

Abstract

1. Introduction

2. System Model

2.1. Detection Model

2.2. Byzantine Attacks Model

2.3. Performance Metric

3. Optimal Strategy for Byzantine Attackers

3.1. Optimal Strategy for Byzantine Attacks

3.2. Numerical Results

4. Fusion Center Decision Strategy

4.1. Scheme of Identifying Byzantine Attackers

Proposition 1.

Proof.

Proposition 2.

Proof.

4.2. Rule of Decision Fusion Based on Dynamic Threshold

4.3. Numerical Results

5. Conclusion

Footnotes

Appendices

Conflict of Interests

Acknowledgments

References