Local Differential Privacy (LDP) is widely adopted in the Industrial Internet of Things (IIoT) for its lightweight, decentralized, and scalable nature. However, its perturbation-based privacy mechanism makes it difficult to distinguish between uncontaminated and tainted data, which encourages adversaries to launch poisoning attacks. While LDP provides some resilience against minor poisoning, it lacks robustness in IIoT with dynamic networks and substantial real-time data flows, and effective countermeasures for such attacks are still underdeveloped. This work narrows this critical gap by revealing and identifying LDP poisoning attacks in IIoT. We begin by deepening the understanding of such attacks, revealing novel threats that arise from the interplay between LDP indistinguishability and IIoT complexity. This exploration uncovers a novel rule-poisoning attack and presents a general attack formulation that unifies it with input-poisoning and output-poisoning. Furthermore, it reveals two key attack impacts, namely Statistical Query Result (SQR) accuracy degradation and disruption of inter-dataset correlations, along with two characteristics: unstable attack patterns and the stealth of poisoned data. Building on these findings, we propose PoisonCatcher, a four-stage solution that detects LDP poisoning attacks and identifies specific contaminated data points. It uses temporal similarity, attribute correlation, and time-series stability analysis to detect datasets exhibiting SQR accuracy degradation, inter-dataset disruptions, and unstable patterns. Enhanced feature engineering is then used to extract subtle poisoning signatures, enabling machine learning models to identify specific contamination. Experimental evaluations show its effectiveness: PoisonCatcher achieves state-of-the-art performance, with average precision and recall of 86.17% and 97.5%, respectively, across six representative attack scenarios.