Modified Particle Filters for Detection of False Data Injection Attacks and State Estimation in Networked Nonlinear Systems

Abstract

Networked control systems which transfer data over communication networks may suffer from malicious cyber attacks by injecting false data to the transferred information. Such attacks can cause performance degradation of the closed-loop system and the filtering problem. The sequential importance sampling (SIS) particle filtering (PF) methods employ the sequential Monte Carlo approach to estimate the generally non-Gaussian posterior probability density function (pdf) for Bayesian estimation of generally non-linear non-Gaussain systems. In this paper, it is firstly shown that with the normal SIS PF, the injected false data to the networked systems remains stealthy and therefore it is not possible to reduce the degrading effect of the attack on the estimation. However, with a modification in the proposal pdf, a modified SIS PF is then proposed which guarantees the attack detectability where the attacked measurements are incorporated in the particle generation process and thus the particles are updated and make the attack detectable. Using the derived thresholds and under small enough measurement noises, it is also proved that no false alarm occurs. After estimation of the attack value, the posterior pdf conditioned on truly detected attack leads to an estimation equivalent to the attack free SIS PF in terms of estimation bias and estimation covariance error. Finally, the accuracy of the presented concepts is demonstrated for a networked interconnected four-tank system.