Eager: Cyberattacks on Commercial IoT Networks Estimating Large Dimension Parameters for Big Data

Eager：对商业物联网网络的网络攻击估计大数据的大维度参数

• 批准号: 1744129
• 负责人: Rick Blum
• 金额: $ 20万
• 依托单位: Lehigh University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-01 至 2021-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1744129&HistoricalAwards=false
• 关键词: Eager; Cyberattacks; Commercial; IoT; Networks

Abstract ECCS -1744129Title: Eager: Cyberattacks on Commercial IoT Networks Estimating Object Position Non-technical description: While the internet has been available for many years, the integration of sensing and control technology into the internet to yield what is being called the Internet of Things (IoT) is still very immature and brings dangerous new unaddressed security problems. For example, cyberattacks on automotive processors have already been observed. Car manufacturers are developing critical systems aimed at fusing data from several complex sensors to ensure self-driving automobiles avoid collisions with people and animals. The proposed project will seek to develop a complete theory of commercial IoT/sensor object location estimation network attack mitigation and impact based on: (1) rigorous proofs that the attacked sensors can be identified under some reasonable assumptions and (2) rigorous estimation theory-based analysis of the possible range of performance that the attacked system can achieve. The new theory should lead to technology to protect against cyber attacks on smart homes, smart buildings, smart factories and other commercial IoT/sensor systems relied upon in daily lives. The major portion of the requested funds will go towards supporting graduate students. Educating graduate and undergraduate students, from under represented groups, in these important cross-disciplinary areas will be pursued. Coordination between this research project, classes and Lehigh's Integrated Networks for Electricity (INE) interdisciplinary research initiative is broader impact associated with this project. Research results will be incorporated into current and future Lehigh classes. Class notes might evolve into a short course, and possibly a book on security of sensing systems, to provide a large educational impact.Technical description: For the object localization problems under consideration, the research will characterize precisely on how observations at each sensor constrain the possible object position when no attacks are present. The research will also characterize the impact of increasing the number of observations per sensor and the number of sensors when no attacks are present. Further, the research will analyze the impact of intersecting constraints at multiple sensors to show exactly how the intersected constraints provide a strictly smaller set containing the object location under the case of no attacks. Large deviation analysis will be used to demonstrate that this approach can properly localize the target with high probability when a sufficient number of observations are available at each sensor. Cases with fewer observations will be analyzed using appropriate bounds that are accurate with a finite number of observations. These analytical approaches will be employed under attacks to show that significant attacks will drive the intersected constraints to the empty set. Large deviation analysis will be used to establish that this approach can properly identify attacked sensors, under some reasonable assumptions, when a sufficient number of observations are available at each sensor with high probability. Cases with fewer observations will be analyzed using appropriate bounds that are accurate with a finite number of observations.

摘要：ECCS -1744129标题：渴望：对商业物联网网络的网络攻击估计目标位置非技术描述：虽然互联网已经可用多年，但将传感和控制技术集成到互联网中产生所谓的物联网（IoT）仍然非常不成熟，并带来了新的未解决的危险安全问题。例如，针对汽车处理器的网络攻击已经被观察到。汽车制造商正在开发关键系统，旨在融合来自多个复杂传感器的数据，以确保自动驾驶汽车避免与人和动物发生碰撞。拟议的项目将寻求开发一个完整的商业物联网/传感器对象位置估计网络攻击缓解和影响的理论，其基础是：(1)在一些合理的假设下可以识别受攻击传感器的严格证明，以及(2)对受攻击系统可能达到的性能范围进行严格的基于估计理论的分析。新理论应该会导致防止智能家居，智能建筑，智能工厂和其他日常生活中依赖的商业物联网/传感器系统的网络攻击的技术。申请资金的主要部分将用于支持研究生。在这些重要的跨学科领域，将继续教育来自代表性不足群体的研究生和本科生。该研究项目、班级和里海大学综合电力网络（INE）跨学科研究计划之间的协调与该项目相关的影响更广泛。研究成果将被纳入当前和未来的理哈伊课程。课堂笔记可能会演变成一门短期课程，也可能是一本关于传感系统安全的书，以提供很大的教育影响。技术描述：对于正在考虑的目标定位问题，研究将精确描述在没有攻击存在时，每个传感器的观察如何约束可能的目标位置。该研究还将描述在没有攻击的情况下增加每个传感器的观察数量和传感器数量的影响。此外，该研究将分析多个传感器上相交约束的影响，以准确显示在没有攻击的情况下，相交约束如何提供包含目标位置的严格更小的集合。大偏差分析将证明，当每个传感器有足够数量的观测值时，该方法可以以高概率正确定位目标。较少观测值的情况将使用在有限观测值下准确的适当边界进行分析。这些分析方法将在攻击下使用，以显示重大攻击将把交叉约束驱动到空集。在一些合理的假设下，当每个传感器具有足够数量的高概率观测值时，将使用大偏差分析来确定该方法可以正确识别受攻击的传感器。较少观测值的情况将使用在有限观测值下准确的适当边界进行分析。

项目成果

Ordered Gradient Approach for Communication-Efficient Distributed Learning

用于高效通信的分布式学习的有序梯度方法

• DOI: 10.1109/spawc48557.2020.9153887
• 发表时间: 2020
• 期刊: 2020 IEEE 21st International Workshop on Signal Processing Advances in Wireless Communications (SPAWC
• 作者: Chen, Yicheng;Sadler, Brian M.;Blum, Rick S.
• 通讯作者: Blum, Rick S.

Optimal Quickest Change Detection in Sensor Networks Using Ordered Transmissions

使用有序传输的传感器网络中的最佳最快变化检测

• DOI: 10.1109/spawc48557.2020.9154270
• 发表时间: 2020
• 期刊: 2020 IEEE 21st International Workshop on Signal Processing Advances in Wireless Communications (SPAWC
• 作者: Chen, Yicheng;Blum, Rick S.;Sadler, Brian M.
• 通讯作者: Sadler, Brian M.

Artificial Noise-Aided MIMO Physical Layer Authentication With Imperfect CSI

• DOI: 10.1109/tifs.2021.3050599
• 发表时间: 2021-01-01
• 期刊: IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
• 影响因子: 6.8
• 作者: Perazzone, Jake Bailey;Yu, Paul L.;Blum, Rick S.
• 通讯作者: Blum, Rick S.

A Fundamental Limitation on Maximum Parameter Dimension for Accurate Estimation With Quantized Data

• DOI: 10.1109/tit.2018.2850968
• 发表时间: 2016-05
• 期刊: IEEE Transactions on Information Theory
• 影响因子: 2.5
• 作者: Jiangfan Zhang;Rick S. Blum;Lance M. Kaplan;Xuanxuan Lu

Physical Layer Authentication via Fingerprint Embedding: Min-Entropy Analysis

通过指纹嵌入进行物理层身份验证：最小熵分析

• 发表时间: 2019
• 期刊: Conference on Information Science and Systems
• 作者: Perazzone, Jake Bailey;Yu, Paul L.;Sadler, Brian M.;Blum, Rick S.
• 通讯作者: Blum, Rick S.