Trustworthy Target Localization via ADMM in the Presence of Malicious Nodes

Similar to numerous problems that gain interest nowadays (like the ones arising in statistics and machine learning), target localization problem can be cast in the framework of convex optimization. Nevertheless, owing to recent eruption in both size and heterogeneity of modern wireless networks which exposes them to various security threats, it is increasingly important to be able to localize the target reliably (securely). On the one hand, the security feature precludes the direct use of most existing localization algorithms in modern networks, since these are vulnerable to malicious attacks (for instance, measurement spoofing). On the other hand, taking security menace into consideration often leads to an under-determined problem formulation which requires certain approximations/relaxations of the problem, resulting in insufficiently accurate solutions. This work argues that the alternating direction method of multipliers (ADMM) is a well tailored approach to combat the secure localization problem. The proposed solution is a decomposition-coordination scheme, where solutions to smaller local (sub-) problems are bound together to obtain a solution to a larger global problem. To this end, an equivalent reformulation of the (non-convex) maximum likelihood estimator (MLE) as a smooth constrained non-convex minimization problem is derived first, which gives rise to a simple iterative scheme that does not require further approximations nor convex relaxations. The performance of the proposed algorithm is corroborated through computer simulations and experimental measurements.


Trustworthy Target Localization via ADMM in the Presence of Malicious Nodes Slavisa Tomic and Marko Beko
Abstract-Similar to numerous problems that gain interest nowadays (like the ones arising in statistics and machine learning), target localization problem can be cast in the framework of convex optimization.Nevertheless, owing to recent eruption in both size and heterogeneity of modern wireless networks which exposes them to various security threats, it is increasingly important to be able to localize the target reliably (securely).On the one hand, the security feature precludes the direct use of most existing localization algorithms in modern networks, since these are vulnerable to malicious attacks (for instance, measurement spoofing).On the other hand, taking security menace into consideration often leads to an under-determined problem formulation which requires certain approximations/relaxations of the problem, resulting in insufficiently accurate solutions.This work argues that the alternating direction method of multipliers (ADMM) is a well tailored approach to combat the secure localization problem.The proposed solution is a decomposition-coordination scheme, where solutions to smaller local (sub-) problems are bound together to obtain a solution to a larger global problem.To this end, an equivalent reformulation of the (non-convex) maximum likelihood estimator (MLE) as a smooth constrained non-convex minimization problem is derived first, which gives rise to a simple iterative scheme that does not require further approximations nor convex relaxations.The performance of the proposed algorithm is corroborated through computer simulations and experimental measurements.

I. INTRODUCTION
T O ACCOMMODATE the escalating requirements of next generation wireless applications, like self-driving ground and air vehicles [1], industrial and tactile internet-of-things (IoT) [2], [3], digital twins [4] and Internet of Underwater Things [5] to name a few, the research, innovation and industrial communities are relying on millimeter wave communications [6], terahertz [7], and optical bands [8].Even though these systems offer extraordinary bandwidths, the aspired quality of service in terms of throughput, latency, and reliability in acceptable transmission distances can only be achieved if the end devices know each other's relative location [9].Consequently, localization will play a crucial role in such wireless systems [10].Nonetheless, if the location information is not reliable or is manipulated (spoofed), it can lead to disastrous consequences.Therefore, achieving trustworthy localization will be of paramount importance for high frequency systems.
During the last few years, secure localization problem captured a lot of attention in the scientific community [11]- [22].According to the existing literature, one can distinguish between uncoordinated (each malicious attacker acts independently from others) and coordinated (a group of malicious attackers collaborates together) spoofing attacks.The recent work in [18], proposed a weighted least squares (WLS) estimator for received signal strength (RSS)-based localization, under uncoordinated attacks.This estimator was designed by considering a proper weight definition suitable for log-distance model, where smaller weights are assigned to remote devices and vice versa.In [19], a clustering method based on circle intersections after which a threshold-based keying scheme is applied to identify attackers, which are then eliminated from a non-linear localization process transformed into a generalized trust region sub-problem (GTRS) framework was described.However, the work in [19] considered only distance-enlargement attacks, by studying the employment of two-way time of arrival (TOA) measurements.The authors of both [18] and [19] updated their works recently by introducing a new secure WLS (SWLS) and l 1 -norm-based techniques (termed LN-1 and LN-1E) together with a 3-D plane fitting solved by standard alternating direction method of multipliers (ADMM) method for RSS-based localization [20], and by considering a common range-based measurement model where law of cosines (LC) was applied to cast the problem into a GTRS framework [21], respectively.In [22], the authors developed a robust secure localization approach by studying the worst-case scenario in which all devices are assumed malicious from the beginning.The malicious attacks were treated as nuisance parameters in order to apply a min-max approach and formulate the secure localization problem as a robust non-linear least squares estimator.This estimator is then relaxed into a second-order cone programming (R-SOCP) problem and robust GTRS (R-GTRS).Nonetheless, it is important to point out that, besides relying on the a priori knowledge of the noise power and empirical tuning of a hyperparameter necessary to set a threshold for attacker detection, the generalization of the SWLS method [20] to a general range-based approach is not straightforward, since it is based on a non-linear relationship between RSS and distance.Furthermore, in order for the LC-GTRS approach in [21] to operate, the difference between genuine and corrupted devices needs to be at least s + 1 (in an s-dimensional space).Lastly, the robust schemes in [22] necessitate knowledge on the upper bound of the attack intensity beforehand.Besides, the R-SOCP solution comes with a high computational burden which is not translated into any significant gain in comparison with R-GTRS.
In contrast to the state-of-the-art methods [18]- [22] that require additional knowledge and/or convex relaxations/approximations, this work proposes employing ADMM tool to elegantly address the secure localization problem.The new scheme is a decomposition-coordination approach, where solutions to smaller local (sub-) problems are integrated together to acquire a solution to a larger global problem.The proposed scheme starts with an analogous reformulation of the (non-convex) maximum likelihood (ML) estimator as a smooth constrained non-convex minimization problem, after which the benefits of dual decomposition and augmented Lagrangian methods for constrained optimization are blended together.The biggest advantage of the proposed method is that it does not require any further approximations nor convex relaxations, since the solutions to its smaller optimization problems are given by simple analytic formulas.
The main contributions of the present work are 3-fold, and are summarized as follows: r The current work presents a novel solution for trustwor- thy target localization in arbitrarily-deployed wireless networks in the presence of malicious (or defective) nodes that are able to manipulate (spoof) their distance measurements.The proposed solution outperforms the existing ones in both cases of uncoordinated and coordinated attacks, and does not require any prior knowledge regarding the type of the attacks.
r Unlike most of existing solutions that are derived based on squared range least squares approach, where the least squared error is minimized in the squared domain and has no statistical interpretation, the proposed approach is based on (weighted) least squares, where the squared (weighted) sum of errors is minimized and can be interpreted as an ML estimator whenever the noise is assumed Gaussian.Moreover, in contrast to the existing approaches, the proposed scheme requires no additional relaxations/approximations, since it benefits from dual decomposition and augmented Lagrangian methods for constrained optimization.
r The proposed work applies a series of mathematical ma- nipulations on the considered system model to transform it into a suitable form, where by variable splitting (to obtain an equivalent, but constrained optimization problem) and augmented Lagrangian framework (to deal with the derived optimization problem) the problem is elegantly solved via ADMM algorithm.
The remainder of this work is organized as follows.Section II introduces a general model for (compromised) range measurements and provides a mathematical definition of the considered problem.In Section III, a detailed derivation of the proposed solution based on ADMM is presented, together with a detection scheme to identify an anchor as genuine or malicious.Section IV validates the performance of the proposed solution both in terms of complexity (computational and temporal) and accuracy (localization and attacker detection), while Section V concludes the work.

II. PROBLEM FORMULATION
Let a i ∈ R s , i = 1, . .., N, denote the true locations of N stationary reference nodes (anchors) and x ∈ R s the true location of a target, with s = 2 or 3.The true locations of the anchors are known a priori, whereas determining the location of the target is the main goal of this work.The assumption that the target and anchors can communicate with each other and that the anchors possess suitable equipment so that they can retrieve range measurements from the received radio signal (e.g., through TOA or RSS observations) is taken for granted.Moreover, a subset of anchors (≤ 50% of the total) are assumed malicious or impaired, so that their measurements tend to obstruct the localization endeavor.The adverse attacks can be achieved by manipulating (spoofing) range measurements (for instance, by changing the transmit power levels) or can simply occur due to hardware impairments.Generally, the literature on secure localization problem [13], [19], [20], distinguishes between uncoordinated (compromised anchors act individually and independently from one another) and coordinated attacks (a group of compromised anchors collaborates together).It is important to note that, in practice, one cannot possibly know under what type of attacks the network is beforehand.Nevertheless, in any case, the adverse deeds are considered here as non-cryptographic, meaning that the perpetrators take no risk of impinging upper-layer security protocols when performing strikes.
Mathematically, in its general form, secure range-based localization problem can be formulated as a system of non-linear equations, where the equations describe the observed ranges between the anchors and the target as being their respective distances contaminated with additive noise and possibly a malicious attack [21].Therefore, the k-th distance measurement sample (1 ≤ k ≤ K) between the target and the i-th anchor (in meters) can be modeled [23]- [25] as where n i,k denotes the measurement noise, modeled as a zeromean Gaussian random variable, i.e., n i,k ∼ N (0, σ 2 i,k ), and δ i ∈ R is the (unknown) intensity of the spoofing attack.Note that the case where δ i = 0 corresponds to anchor i not being compromised, while the case where δ i = 0 corresponds to anchor i being compromised.
The system model presented in (1) corresponds to the one used in [26], where the authors used a satellite simulator to demonstrate that it is possible to take over the victim's satellite lock and spoof its GPS receiver.This was done by manually placing an antenna close to the victim's receiver (mounted in a truck) to lock it, after which the spoofing signal could actually be transmitted from a greater distance.It also corresponds to the model presented in [27], where the authors illustrated an example for distance reduction attacks as hijacking a car in a street by using a relay system to trick the car into thinking that the key is in its vicinity, when it actually is not.
Some works (e.g., [13], [20]) model coordinated attacks according to where ẍ denotes an arbitrary point agreed by the collaborating attackers; we kindly refer the reader to see Fig. 1.Nevertheless, the above model is just a special case of (1), when δ i = ẍ − a i − x − a i , and for this reason the current work considers (1) as the general model for both uncoordinated and coordinated spoofing attacks.Lastly, for the sake of simplicity and without loss of generality, in the text that follows, the median of the K distance observations, d i , is computed and used as observation of anchor i, while the measurement variances are taken as identical for any link i (and sample k), i.e., σ 2 1 = σ 2 2 = . . .= σ 2 N = σ 2 .By taking advantage of the distance observations in (1) and according to the ML principle [28,Ch. 7], the target can be localized by minimizing the squared sum of noise errors as ( Even though the ML approach is a frequently employed approach in practice generally, the estimator in ( 2) is underdetermined, non-convex and non-smooth.Unlike most of the existing approaches that avoid direct tackling of (2) by applying certain relaxation/approximation techniques, the current work does not seek any circumvention of the problem.Instead, a new simple and iterative approach is introduced to tackle (2) directly by casting it as an equivalent smooth constrained non-convex minimization problem.The non-convexity of the derived estimator is dealt with locally, by binding together solutions of individual sub-problems to get a solution of the global problem.

III. THE PROPOSED APPROACH FOR THE SECURE LOCALIZATION PROBLEM
This section describes a detailed derivation of the proposed ADMM-based solution for the localization problem, and provides an overview of the employed attacker detection scheme.Thus, it is organized correspondingly.

A. ADMM-Based Target Localization
First, weights are brought into play in order to attribute more confidence to closer links.Then, by developing the square in (2) and dropping the constant terms (which have no impact on the minimization), one gets min. ( The problem in ( 3) is equivalent to minimize where u i is just a unit vector.This step aids to smooth out the objective function.Applying a sort of variable splitting to (4) and convexifying the constraint The motivation for variable splitting is that sometimes it may be easier to solve the constrained version of a problem than it is to solve its unconstrained counterpart [29].The augmented Lagrangian for the problem in ( 5) is then given by , δ, u, v, h, q; λ, μ, ν where Authorized licensed use limited to the terms of the applicable license agreement with IEEE.Restrictions apply.
with i B i (u i ) denoting the indicator function of the unit closed ball B i = {u i ∈ R s : u i ≤ 1} and λ i , μ i , and ν i are dual variables, also known as Lagrange multipliers, which represent the sensitivity of the objective function for marginal perturbation of a constraint at the optimal point [30,Ch. 5].The name augmented Lagrangian comes from the fact that in (6) one has the standard Lagrangian which is augmented by the quadratic penalty term, i.e., its penalty multiplier function is built in the form ϕ(c(ξ)) = α T c(ξ) + τ 2 c(ξ) 2 , for some variable ξ, set of constraints c i (ξ), Lagrange multipliers α i , and a penalty value τ .
The augmented Lagrangian in ( 6) is strongly convex in any of the variables for a fixed octet composed of the remaining variables.Hence, every minimization step of the ADMM (which comprises minimizing (6) in an alternating fashion for each primal variable, followed by an update of multipliers) results in a well-defined minimization of a strongly convex function for each primal step.This is done by generating the sequence (x (t) , δ (t) , u (t) , v (t) , h (t) , q (t) ; λ (t) , μ (t) , ν (t) ), with t ∈ N, according to for i = 1, . .., N, while the updates of the multipliers come from the derivative of the penalty multiplier function with respect to its corresponding constraint.Hence, each of the local optimization problems can be solved by simply computing the gradient with respect to the relevant primal variable and setting it to zero.This leads to where and the update of the multipliers (7g)-(7i) just boils down to the sum of the previous value of the multiplier and the product of the penalty term multiplied with the value of the constraint in the current iteration.The scheme in ( 7) is referred to as WADMM in the following text.

B. Attacker Detection
Even though the proposed algorithm directly returns the estimated attack intensity of each anchor through (7b) as one of its outputs, one still needs to come up with a scheme in order to identify an anchor as genuine or malicious.For this purpose, the generalized likelihood ratio test (GLRT) is employed in this work.GLRT scheme is founded on discernment between two possible hypotheses: in which one assumes absence (H 0 ) and presence (H 1 ) of a malicious attacker.From these two hypotheses, the respective likelihood functions are defined as where d i is the vector assembled of K distance samples for each anchor i.
Then, applying the Neyman-Pearson theorem [31,Ch. 3] and taking advantage of (9a) and (9b) yields where γ denotes a threshold, and respectively denote the ML estimate of the attack intensity for each link i and the ML estimate of the noise standard deviation [28,Ch. 7].By plugging in (9a) and (9b) into (10) and applying some simple algebraic manipulations, the GLRT detection scheme reduces to According to [31,Ch. 3], the probability of false alarm is defined as where i.e., T i ∼ N (0, σ 2 K ), under the hypothesis H 0 .Thus, for a fixed value of P F A in (13), it is straightforward to calculate the value of the threshold γ in order to solve (12).
Finally, to conclude this section, we summarize the generalized version of the proposed method in a universal setting as a pseudo-code in Algorithm 1.

IV. PERFORMANCE ASSESSMENT
This section assesses the overall performance of the proposed solution via numerical results.First, it gives a brief overview of all considered algorithms and analyzes their computational complexity, after which, localization and attacker detection performance analyses in a simulation and experimental environments follow.The section is concluded by a brief discussion of the proposed solution.

A. Analysis of the Computational Complexity
Table I lists the existing algorithms that are considered here as the state-of-the-art solutions 1 for comparison with the proposed one.It provides a summary of their main characteristics, together with their worst-case computational complexity and average running time.The table shows that some existing works designed their solution for a specific type of attack and that some of them require additional information beforehand in order to operate (e.g., WLS requires knowledge about the noise standard deviation, while R-GTRS requires knowledge about the upper bound on the magnitude of the attack intensity).Furthermore, Table I exhibits that the asymptotic computational complexity of all considered approaches is linear in N .The only difference in their computational burden is due their iterative nature, given that LC-GTRS and R-GTRS solve the problem via bisection (and B max denotes the maximum number of iterations), while LN-1, LN-1E and WADMM use ADMM approach to reach their final solution (with k ADM M and I max denoting their maximum number of iterations).Note that LC-GTRS and LN-1E require an additional localization step after they "clean" the measurements from the malicious anchors.Lastly, it is also worth mentioning that the average running times were obtained in the scenario where N = 30, σ = 15 (m) and Δ = 20 (m) for M c = 1000 runs for both uncoordinated (UC) and coordinated (C) attacks, on the computer with the following characteristics: CPU Intel(R) Core(TM) i5-1135G7 @2.4 GHz and 16 GB RAM.The results in Table I show that the proposed algorithm requires the highest average running time, but even so, all considered algorithms seem suitable for real-time implementation.

B. Localization and Detection Performance
In all presented results hereafter, every node was deployed randomly N D = 1000 times in a square area with edge length of 100 meters.All measurements 2 were generated according to (1), where K = 10 measurement samples were considered.Moreover, at most half of all N anchors (chosen randomly) were considered as malicious N A = 50 times in each node deployment.Note that attacks were performed independently by each malicious anchor, following an exponential distribution whose rate was drawn from a uniform distribution on the interval [0, Δ] (m), i.e., δ i ∼ ±E(U [0, Δ]), ∀i, where ± represents a random sign attribution to δ i .The proposed solution was executed with I max = 1000.The main simulation parameters are summarized in Table II.
Although Table I shows that some existing solutions were specifically designed for a particular type of attack, since one cannot know under what type of attack (uncoordinated or coordinated) the network is beforehand, this section analyzes the performance of the considered algorithms in both scenarios.In the case where the authors of the considered existing works provided alternatives specifically for one of these setting, those solutions were used for comparison (e.g., WLS in [18] and LN-1E in [20] were only considered in uncoordinated and coordinated scenario, respectively); otherwise, the proposed methods were tested in both settings.Regardless, the main criteria used for evaluating localization accuracy are the root mean squared 2 Even though the attack intensity of each malicious node is considered consistent in one simulation run, given that the observations are constructed on top of a noisy measurement model in (1), the resulting attack realizations are actually impaired.error (RMSE), defined as RMSE = M c m=1 , where x m is the estimate of the true target location, x m , in the m-th Monte Carlo, 1 , with • 1 denoting the l 1 norm, and cumulative distribution function (CDF) of the localization error (LE), defined as LE m = x m − x m .In terms of detection accuracy, the main performance metrics are the probability of correct detection, P CD , and the probability of false detection, P F D .It is worth mentioning that the probability of false alarm was set to P F A = 0.1, in order to compute the threshold in (13).
Fig. 2 illustrates the performance comparison of the considered schemes in an uncoordinated attack scenario for different values of N and fixed σ = 15 (m) and Δ = 20 (m).Fig. 2(a) shows that the localization error of all algorithms reduces with the increase of N , as foreseen, since the maximum number of malicious anchors is at most N 2 and adding more anchors eventually results in adding more genuine devices into the network.It also shows that the proposed solution outperforms significantly the existing ones, lowering the localization error for at least 1 m for any N in comparison with the best existing solution in any setting.Fig. 2(b) exhibits that the BIAS (m) of the proposed solution is among the lowest of all considered estimators.Moreover, Fig. 2(c) and (d) study the detection performance of all algorithms. 3Interestingly, in the considered scenario, it seems that all algorithms get saturated practically immediately in terms of the correct detection, and increasing N brings no substantial improvements.These results indicate that there might be an upper bound on the achievable P CD performance (a bit above 50%) that no existing solution is able to exceed for any considered N .Nevertheless, the proposed estimator is competitive in comparison with the existing ones and performs relatively close to the achievable upper bound.Finally, it is also interesting to see the detection performance in terms of false detection, i.e., how many times does an estimator mistakenly tags a genuine anchor as a malicious one.It can be seen from Fig. 2(d) that all solutions slightly lower P F D with the increase of N , which is in concordance with the localization results presented in Fig. 2(a).The proposed algorithm exhibits the least P F D for all considered N , followed closely by R-GTRS method.Interestingly, by observing both the results presented in Fig. 2(c) and (d), one can conclude that LC-GTRS and WLS are basically "flip-a-coin" detection methods, since they practically identify all anchors as malicious, i.e., P CD + P F D ≈ 1 for these methods.
Fig. 3 illustrates the performance comparison of the considered schemes in a coordinated attack scenario for different values of Δ (m) and fixed N = 50 and σ = 15 (m).Naturaly, Fig. 3(a) shows that all considered algorithms suffer a deterioration in localization accuracy with the increase of Δ (m), since every successful malicious deed leads to a greater mistake in localization estimation.Still, the proposed solution outperforms the existing ones for practically all considered Δ (m), although R-GTRS and LN-1 solutions are competitive for small-to-medium Δ (m).In terms of BIAS (m), Fig. 3(b) corroborates that the proposed method is one of the least biased ones.Regarding detection performance in the considered scenario, the proposed algorithms exhibit the lowest P CD performance, but likewise the lowest P F D performance.These results indicate that many times (especially for low Δ (m)) the proposed solution does not detect any attackers.Nonetheless, these results do not influence its localization performance, given that they come as a consequence of the final localization solution, unlike LC-GTRS and LN-1E that require an extra iteration with only genuine anchors.Similar as in the uncoordinated scenario, LC-GTRS is a "flip-a-coin" detection method.
Figs. 4 and 5 illustrate the effect of the proportion of the number of malicious anchors, N M , to the total number of anchors, N , on the localization error in the uncoordinated and coordinated scenarios, respectively.As one can see from these figures, the proposed solution outperforms the existing ones for any considered proportion of the malicious anchors in terms of localization error and shows the lowest P F D , while it exhibits somewhat lower P CD performance.Fig. 6 illustrates the CDF versus LE (m) performance comparison in the two considered scenarios, for fixed values of N = 50, σ = 15 (m), and Δ = 20 (m).From Fig. 6, it is obvious that the coordinated scenario is more demanding than the uncoordinated one, given that all methods suffer deterioration in their localization accuracy.Still, in both uncoordinated and coordinated scenarios, it can be seen that the proposed estimator outperforms the existing solutions, with a higher emphasis in uncoordinated setting.

C. Experimental Validation
This section presents an experimental study that was carried out by using KIO Real Time Location System equipment [32], which follows the IEEE802.15.4-2011-UWB communication standard and extracts the distance information from the time of flight measurements.In Fig. 7, the devices used in the experiment are presented: the target (on the left) and an anchor (on the right).The KIO kit included three anchors and a tag (target), which was used repeatedly at various locations in order to produce a realistic Authorized licensed use limited to the terms of the applicable license agreement with IEEE.Restrictions apply.Authorized licensed use limited to the terms of the applicable license agreement with IEEE.Restrictions apply.indoor scenario, as shown in Fig. 8.The measurement campaign was realized inside the Instituto Superior Técnico building at Taguspark campus, Oeiras, Portugal.
Authorized licensed use limited to the terms of the applicable license agreement with IEEE.Restrictions apply.Authorized licensed use limited to the terms of the applicable license agreement with IEEE.Restrictions apply.
After the data measurement campaign was performed, at most 4 anchors were randomly selected as corrupted and their malicious attacks were added posteriorly in the same manner as it was done in the computer simulation scenario explained in Section IV-B.Both uncoordinated and coordinated attack scenarios were considered and the results are presented in Figs. 9 and 10, respectively.The figures show that the proposed method performs significantly better than the existing ones for high attack intensities, while it matches the performance of the existing ones for low attack intensities.

D. Discussion
Even though the proposed approach outperforms the existing solutions in terms of localization accuracy in general, while achieving comparable success in attacker identification, it might be of interest to expose some of its limitations.Clearly, the proposed solution makes a hard decision regarding classification of an anchor as a genuine or malicious.However, it could be of interest to try to implement some kind of a soft decision, where anchors would be classified probabilistically and one could exploit these probabilities as weights to perhaps repeat the main procedure and accomplish further enhancement of its performance from both localization and detection perspectives.It is intuitively clear that the proposed method can endure malicious attacks of up to 50% of all anchors, especially in the case of coordinated attacks.However, this is a common limitation to all existing methods that might not be possible to surpass.Another particularity of the proposed solution is that it is executed iteratively.Hence, it might be possible in some settings that the proposed solution converges slowly enough to not reach its optimal value within the predefined maximum number of iterations, given the high degree of difficulty of the problem at hand and relatively high number of variables that are involved.Nevertheless, this issue could be circumvented by simply increasing the maximum number of iterations to give the algorithm enough time to converge.

V. CONCLUSION
This work presented an elegant ADMM approach to combat the localization problem in the presence of malicious attackers that try to spoof the localization process.The proposed approach is based on two main building blocks: 1) transforming the original unconstrained optimization problem into an equivalent, but smooth constrained problem via a variable splitting procedure; 2) addressing the derived constrained problem by exploiting the benefits of dual decomposition and augmented Lagrangian methods.Two types of spoofing attacks were under scrutiny, uncoordinated (in which every attacker acts independently) and coordinated (a set of attackers act in conjunction).Since one cannot know under which type of attack the network is beforehand, the proposed solution was tested in both settings in a simulation and an experimental environment, were it showed superior performance than the state-of-the-art methods in terms of localization accuracy.To distinguish between genuine and malicious devices, the proposed approach adopted GLRT and achieved competitive results in terms of correct detection in uncoordinated attack scenario, while somewhat lower detection success was achieved in a coordinated attack setting.At the same time, the new estimator accomplished significantly reduced false detection in both considered setting.

Fig. 1 .
Fig. 1.Illustration of the determination process of ẍ: θ (rad) and Δ (m) respectively denote arbitrarily chosen angle and radius around x.

Fig. 2 .
Fig. 2. Performance comparison for variable N in an uncoordinated attack scenario, when σ = 15 (m) and Δ = 20 (m).(a) RMSE (m) versus N illustration (b) BIAS (m) versus N illustration (c) P CD versus N illustration(d) P F D versus N illustration.