DoS攻击下基于多率采样的多智能体系统安全一致性

本 文 研 究 了 一 类 带 有 多 率 采 样 的 线 性 多 智 能 体 系 统(Multiagent Systems, MASs)在 拒 绝 服 务(Denial-of-Service, DoS)攻击下的安全一致性控制问题, 其中DoS攻击通常阻断智能体之间的信息传输. 本文将多 率采样在网络化控制系统中的结果推广到了多智能体系统, 并考虑了非理想通信网络环境. 首先, 通过引入一个匹 配机制来同步由多率采样引起的智能体不同状态分量的采样数据. 然后, 在DoS攻击下, 针对带有多率采样的线 性MAS提出了一个基于多率采样的安全一致性控制器. 通过使用李雅普诺夫稳定性理论和切换系统方法, 获得了 包含DoS 攻击持续时间以及攻击频率的安全一致性充分条件. 最后, 给出了一个仿真例子来验证所提方法的有效 性, 并给出了多率采样与单率采样机制的性能对比分析.     

基于观测器的多智能体系统安全一致性控制

针对混合攻击下多智能体系统基于观测器的事件触发一致性问题,设计观测器以估计智能体不可测的状态,引入事件触发机制以减少智能体的通信频次与控制器的更新频次。首先,考虑拒绝服务(DoS)攻击和重放攻击同时存在的情况,建立数学模型,并设计基于观测器的事件触发一致性控制协议。其次,针对不同的攻击情况,建立误差切换系统模型,并且采用分段Lyapunov函数方法得出误差系统均方指数稳定的充分条件。然后,通过求解一系列线性矩阵不等式,给出一致性控制器、观测器与事件触发参数的设计方法。最后,通过仿真实例证明了所提方法的可行性。     

拒绝服务攻击下领导-跟随多智能体系统的均方一致性研究

针对带有过程噪声和测量噪声的领导-跟随多智能体系统,研究拒绝服务攻击下多智能体系统的一致性问题.首先,设计基于卡尔曼滤波的状态观测器,对智能体状态进行有效准确的估计;然后,基于预测控制理论提出一种基于状态估计信息的分布式预测控制算法,从而实现领导-跟随多智能体系统的均方一致性控制,并给出拒绝服务攻击环境下实现领导-跟随多智能体系统均方一致性的充分必要条件;最后,通过数值仿真验证所提出方法的正确性和有效性.     

DoS攻击下多智能体系统无模型自适应迭代学习跟踪控制EI北大核心CSCD

针对周期性拒绝服务(DoS)攻击下多智能体系统有限时间趋同跟踪控制问题,本文提出了一种无模型自适应迭代学习控制(MFAILC)算法.假设多智能体系统具有固定拓扑结构,并且仅有部分智能体可获取到期望轨迹信息.在多智能体系统数据传输过程中,需要经由对数量化器进行量化处理.首先,使用伪偏导数将智能体系统动态线性化,处理过程中考虑符合伯努利分布的周期性DoS攻击现象,在此基础上设计了MFAILC控制算法,其次,采用压缩映射方法给出了一个在期望意义下保证跟踪误差收敛的充分条件,并在理论上证明了所提算法的收敛性.所提算法只需利用系统的输入输出数据就可完成趋同跟踪任务.最后,仿真结果验证了所提算法的有效性.     

网络攻击下多智能体系统动态事件触发一致性

研究网络攻击下一般线性多智能体系统的动态事件触发一致性问题.考虑多智能体系统在受到网络攻击后,被攻击节点的状态会改变,导致与其相应的连接无法工作,设计修复策略恢复被攻击节点及其相应的连接,给出网络攻击下分布式事件触发控制协议.在静态事件触发机制基础上,通过引入动态阈值参数,提出动态事件触发机制.进一步,利用图论、线性矩阵不等式和李雅普诺夫函数方法,给出网络攻击下实现多智能体系统一致性的充分条件,并证明在所提出的动态事件触发条件下,能够有效避免芝诺行为.最后,通过仿真例子来验证理论结果的有效性.     

DoS攻击下具备隐私保护的多智能体系统均值趋同控制

均值趋同是一种广泛应用于分布式计算和控制的算法, 旨在系统通过相邻节点间信息交互、更新, 最终促使系统中所有节点以它们初始值的均值达成一致. 研究拒绝服务(Denial-of-service, DoS)攻击下的分布式离散时间多智能体系统均值趋同问题. 首先, 给出一种基于状态分解思想的分布式网络节点状态信息处理机制, 可保证系统中所有节点输出值的隐私. 然后, 利用分解后的节点状态值及分析给出的网络通信拓扑条件, 提出一种适用于无向通信拓扑的多智能体系统均值趋同控制方法. 理论分析表明, 该方法能够有效抵御DoS攻击的影响, 且实现系统输出值均值趋同. 最后, 通过仿真实例验证了该方法的有效性.     

离散异质多智能体系统的分组一致性控制

针对一类混合异质多智能体系统的分组一致性控制问题进行了研究。具体分析了由一阶智能体和二阶智能体组成的混合异质系统,研究其在离散情况下的分组一致性。基于两个合理的假设提出了线性控制协议,运用代数图论、稳定性理论和矩阵理论,分析协议作用下闭环系统的系统矩阵及动态特性,取得了系统渐近实现分组一致性的充分条件,该条件与系统拓扑结构、采样周期以及控制参数有关。结论同时适用于有向拓扑与无向拓扑,最后通过仿真实例对所得分析结果进行了验证。     

DoS攻击下多自主体系统的事件触发安全控制

针对拒绝服务(DoS)攻击下的时变多自主体系统,在有限域内研究事件触发安全一致性问题。在信息传输过程中,拒绝服务攻击同时存在于测量和控制通道中。将拒绝服务攻击看作是驻留时间切换机制,增广系统转化为包含一个稳定子系统和一个不稳定子系统的离散驻留时间切换系统。为提高通信资源利用率,采用状态依赖阈值的事件触发机制来更新控制输入信号。基于多Lyapunov函数方法,以线性矩阵不等式形式给出系统一致指数稳定且具有期望H∞性能的两个充分条件以及可行的控制器增益。仿真实例验证了发生拒绝服务攻击时,多自主体系统仍然可以实现安全一致性。     

多智能体系统通信拓扑最优设计

运用控制理论,矩阵论及最小二乘等理论,研究了多智能体系统的分组一致性与系统通信拓扑图的拉普拉斯矩阵属于特征值0的特征向量之间的关系.给出了在线性协议控制下,系统达到一致性和分组一致性,其通信拓扑的设计方法.提出了一阶多智能体系统的总能量概念,并得到了系统在能量最省时通信拓扑的最优设计.仿真实例佐证本文主要结论的正确性.     

二阶混杂多智能体系统的安全二分一致性

本文在合作–竞争网络下针对一类由二阶连续时间个体和离散时间个体构成的混杂多智能体系统, 研究了系统中存在恶意个体情况下的安全二分一致性问题. 首先, 在假设智能体的恶意邻居数量上限已知的情况下, 基于删除邻居信息中极端值的思想, 设计了一种安全二分一致性容错算法. 其次, 基于鲁棒图性质进行系统转换, 运用图论、矩阵论等分析工具得到了系统实现安全二分一致性的图条件. 最后, 通过仿真实例验证了所得结果的有效性.关键词: 混杂多智能体系统; 恶意个体; 安全二分一致性; 容错算法     

Countering jamming attacks against an authentication and key agreement protocol for mobile satellite communications

The radio-based medium of satellite communication systems is vulnerable to interference on physical channels: unintentional interferences occur frequently and jamming attacks can be achieved using low-grade technology. While application layer security protocols cannot defend against denial of service (DoS) attacks where the attacker jams continuously, effective security protocols ensure that communication can continue after such interference has stopped.This paper analyses an authentication and key agreement protocol for satellite communications. The presented analysis reveals that the protocol is susceptible to a new DoS attack, where attackers jam a single message to achieve a permanent DoS condition. A new authentication and key agreement protocol is proposed that additionally addresses the scenario where messages send over the mobile satellite channel may not reach their intended recipient due to accidental or malicious interference. Analysis of the new protocol demonstrates that it is effective in countering the disruptive effects of jamming.     

Event-triggered containment control for multi-agent systems under hybrid cyber attacks

This paper studies event-triggered containment control problem of multi-agent systems (MASs) under deception attacks and denial-of-service (DoS) attacks. First, to save limited network resources, an event-triggered mechanism is proposed for MASs under hybrid cyber attacks. Different from the existing event-triggered mechanisms, the negative influences of deception attacks and DoS attacks are considered in the proposed triggering function. The communication frequencies between agents are reduced. Then, based on the proposed event-triggered mechanism, a corresponding control protocol is proposed to ensure that the followers will converge to the convex hull formed by the leaders under deception attacks and DoS attacks. Compared with the previous researches about containment control, in addition to hybrid cyber attacks being considered, the nonlinear functions related to the states of the agents are applied to describe the deception attack signals in the MAS. By orthogonal transformation of deception attack signals, the containment control problem under deception attacks and DoS attacks is reformulated as a stability problem. Then, the sufficient conditions on containment control can be obtained. Finally, a set of simulation example is used to verify the effectiveness of the proposed method.     

Dynamic event-based consensus of multi-agent systems with secure mode resilient to DoS attack

In this article, the resilient leaderless consensus problem for a multi-agent system (MAS) under denial-of-service(DoS) attack is investigated. The DoS attack is carried out with multiple strategies. The sufficient condition for MASs achieving consensus under multi-mode DoS attack is developed. In order to actively alleviate the influence caused by the DoS attack, the MAS switches between normal and secure modes. Once a DoS attack occurs, the agents will switch into the secure mode with a lower open-loop divergence rate. A dynamic event-based consensus protocol is proposed, driving the MAS achieve consensus while saving communication resources effectively. Moreover, rigorous proof analysis demonstrates the Zeno-free property of the developed dynamic event-triggered mechanism. Finally, a numerical simulation is provided to illustrate the effectiveness of the proposed theoretical results.     

IPSec中密钥交换协议IKE的安全性分析与改进

介绍了IKE协议,研究了IKE协议的安全性问题。对中间人攻击进行了分析并提出了一种改进cookie生成算法;针对拒绝服务攻击分析了系统安全性缺陷,并针对此类缺陷作出了算法改进;在前两种改进方案的基础上设计了一种新的口令认证密钥交换协议,经验证,新的口令认证密钥交换协议更安全有效。     

Towards Risk Evaluation of Denial-of-Service Vulnerabilities in Security Protocols

Denial-of-Service(DoS) attacks are virulent to both computer and networked systems.Modeling and evaluating DoS attacks are very important issues to networked systems;they provide both mathematical foundations and theoretic guidelines to security system design.As defense against DoS has been built more and more into security protocols,this paper studies how to evaluate the risk of DoS in security protocols.First,we build a formal framework to model protocol operations and attacker capabilities.Then we pro...     

Adaptive Memory Event-Triggered Observer-Based Control for Nonlinear Multi-Agent Systems Under DoS Attacks

This paper investigates the event-triggered security consensus problem for nonlinear multi-agent systems (MASs) under denial-of-service (DoS) attacks over an undirected graph. A novel adaptive memory observer-based anti-disturbance control scheme is presented to improve the observer accuracy by adding a buffer for the system output measurements. Meanwhile, this control scheme can also provide more reasonable control signals when DoS attacks occur. To save network resources, an adaptive memory event-triggered mechanism (AMETM) is also proposed and Zeno behavior is excluded. It is worth mentioning that the AMETM’s updates do not require global information. Then, the observer and controller gains are obtained by using the linear matrix inequality (LMI) technique. Finally, simulation examples show the effectiveness of the proposed control scheme.      

Exponential finite-time couple-group consensus for agents in cooperative-competitive networks via pinning method

This paper investigates the exponential finite-time couple-group consensus problem for multi-agent systems via pinning control method. Considering the hybrid cooperative and competitive interactions among the agents, a new nonlinear distributed control protocol is proposed. Under the pinning control scheme, the criteria for guaranteeing the system with weakly connected communication topology achieve exponential couple-group consensus in finite time are obtained, and the pinning control strategies are presented as well. Furthermore, the results show that the settling time for the system to reach consensus is independent of the initial states of the agents. Finally, the correctness of our results is verified by some simulations.