Correlation-Based Deception Attack Detection for Cyber-Physical Control Systems With Multiple-Security Level Transmission Channels

In this article, the deception attack detection problem is studied in scenarios involving multisecurity level transmission channels. Powerful attackers can construct stealthy deception attacks by exploiting data from reliable and unreliable channels. From the perspective of data correlation, we develop three detection schemes with different resource consumption. First, a fully security channel is utilized to establish innovation-based time-varying data correlation, which triggers residual covariance variation under attacks. Second, a noise-encryption mechanism is introduced without requiring the fully security channel. For the initial two methods, we propose a targeted optimization method to improve the detection performance by exploiting the quantified residual covariance variation. Third, we propose a time-shift coding method from the perspective of dynamic system stability, which is rigorously proved to be sensitive to attack behavior. For these proposed methods, we quantify the residual covariance variation induced by attacks and achieve detection by the chi(2) test and generalized likelihood ratio test. Finally, the efficiency and reliability of these detection schemes are validated by examples.