Optical networks are vulnerable to a range of attacks targeting service disruption at the physical layer, such as the insertion of harmful signals that can propagate through the network and affect co-propagating channels. Detection of such attacks and localization of their source, a prerequisite for secure network operation, is a challenging task due to the limitations in optical performance monitoring, as well as the scalability and cost issues. In this paper, we propose an approach for localizing the source of a jamming attack by modeling the worst-case scope of each connection as a potential carrier of a harmful signal. We define binary words called attack syndromes to model the health of each connection at the receiver which, when unique, unambiguously identify the harmful connection. To ensure attack syndrome uniqueness, we propose an optimization approach to design attack monitoring trails such that their number and length is minimal. This allows us to use the optical network as a sensor for physical-layer attacks. Numerical simulation results indicate that our approach obtains network-wide attack source localization at only 5.8% average resource overhead for the attack monitoring trails.