Analysis and Detection of RIS-based Spoofing in Integrated Sensing and Communication (ISAC)

Integrated sensing and communication (ISAC) is a key feature of next-generation 6G wireless systems, allowing them to achieve high data rates and sensing accuracy. While prior research has primarily focused on addressing communication safety in ISAC systems, the equally critical issue of sensing safety remains largely under-explored. In this paper, the possibility of spoofing the sensing function of ISAC in vehicle networks is examined, whereby a malicious reconfigurable intelligent surface (RIS) is deployed to compromise the sensing functionality of a roadside unit (RSU). For this scenario, the requirements on the malicious RIS' phase shifts design and number of reflecting elements are analyzed. Under such spoofing, the practical estimation bias of the vehicular user (VU)'s Doppler shift and angle-of-departure (AoD) for an arbitrary time slot is analytically derived. Moreover, from the attacker's view, a Markov decision process (MDP) is formulated to optimize the RIS' phase shifts design. The goal of this MDP is to generate complete and plausible fake trajectories by incorporating the concept of spatial-temporal consistency. To defend against this sensing spoofing attack, a signal temporal logic (STL)-based neuro-symbolic attack detection framework is proposed and shown to learn interoperable formulas for identifying spoofed trajectories.