PoisonCatcher, a novel method to identify data points contaminated by LDP poisoning attacks in IIoT, where LDP poisoning attacks exploit the indistinguishability of LDP and the complexity of IIoT to launch attacks, undermining statistical accuracy.
It is based on deduced attack characteristics and impacts and achieves an average of 86.17% precision and 97.5% recall in contaminated data point identification.
Local Differential Privacy (LDP) protects IIoT data by perturbing it locally, but its indistinguishability property can be exploited by adversaries, which defines privacy through a constraint on the probability of observing an output given different inputs.
It ensures data privacy but also makes it difficult to distinguish between legitimate and malicious data. IIoT environments, with their dynamic nature, resource constraints, and heterogeneous devices, are particularly susceptible to LDP poisoning attacks.
These attacks can manipulate LDP-processed data, compromising statistical accuracy and impacting critical decision-making in industrial processes, as understanding the specific methods, characteristics, and impacts of LDP poisoning attacks in IIoT is crucial for developing effective countermeasures.
LDP poisoning attacks in IIoT environments, identifying three modes: input poisoning, output poisoning, and a novel rule poisoning attack, while a generalized formulation quantifies the privacy degradation caused by these attacks.
The impact of these attacks on SQR accuracy and inter-dataset correlations, demonstrating that even small-scale poisoning can significantly distort statistical results.
Key attack characteristics include unstable attack patterns, limited by the need to remain within natural data variations, and the stealth of contaminated data points, enabled by the indistinguishability inherent in LDP mechanisms.
PoisonCatcher is a four-stage framework for identifying data points contaminated by LDP poisoning attacks in IIoT environments, which first detects suspicious datasets using temporal similarity, attribute correlation, and pattern stability detectors.
Subsequently, enhanced feature engineering is employed to facilitate the identification of contaminated data points, which involves random sampling to explore data distributions, statistical analysis to extract distinctive features (e.g., distribution characteristics, poisoning sensitivity, and local variation patterns), and multivariate time-series analysis to capture temporal correlations.
By combining these techniques, PoisonCatcher effectively identifies contaminated data points while mitigating the challenges of LDP-induced noise and enhancing the robustness of IIoT systems against sophisticated poisoning attacks.
The research evaluates PoisonCatcher, a system for detecting data poisoning attacks in Industrial IoT (IIoT) environments, by employing simulated data with various attack scenarios, including precision drifting and information erasing, on both continuous and discrete datasets.
It leverages SQR similarity and bias distance to detect poisoned data sets and employs feature engineering to identify individual contaminated data points, where experimental results demonstrate that PoisonCatcher effectively detects poisoning across different attack scenarios, achieving high precision and recall rates.
The system exhibits robustness under varying attack intensities, attack durations, and LDP privacy budgets, demonstrating its potential for real-world IIoT applications.
