Advanced Bad Data Injection Attack and Its Migration in Cyber-Physical Systems

False data injection (FDI) attack is a hot topic in cyber-physical systems (CPSs). Attackers inject bad data into sensors or return false data to the controller to cause the inaccurate state estimation. Although there exists many detection approaches, such as bad data detector (BDD), sequence pattern mining, and machine learning methods, a smart attacker still can inject perfectly false data to go undetected. In this paper, we focus on the advanced false data injection (AFDI) attack and its detection method. An AFDI attack refers to the attack where a malicious entity accurately and successively changes sensory data, making the normal system state continuously evaluated as other legal system states, causing wrong outflow of controllers. The attack can lead to an automatic and long-term system failure/performance degradation. We first depict the AFDI attack model and analyze limitations of existing detectors for detecting AFDI. Second, we develop an approach based on machine learning, which utilizes the k-Nearest Neighbor (KNN) technique and heterogeneous data including sensory data and system commands to implement a classifier for detecting AFDI attacks. Finally, simulation experiments are given to demonstrate AFDI attack impact and the effectiveness of the proposed method for detecting AFDI attacks.