Boosting Robustness in Automatic Modulation Recognition for Wireless Communications

IF 7 1区计算机科学 Q1 TELECOMMUNICATIONS IEEE Transactions on Cognitive Communications and Networking Pub Date : 2024-11-14 DOI:10.1109/TCCN.2024.3499362

Yuhang Zhao;Yajie Wang;Chuan Zhang;Chunhai Li;Zehui Xiong;Liehuang Zhu;Dusit Niyato

{"title":"Boosting Robustness in Automatic Modulation Recognition for Wireless Communications","authors":"Yuhang Zhao;Yajie Wang;Chuan Zhang;Chunhai Li;Zehui Xiong;Liehuang Zhu;Dusit Niyato","doi":"10.1109/TCCN.2024.3499362","DOIUrl":null,"url":null,"abstract":"In the radio frequency field, deep neural networks have been widely used for automatic modulation recognition tasks due to their superior accuracy. However, it has been shown that these models are susceptible to adversarial examples, which are the kinds of carefully crafted perturbations that can lead to model misclassification and raise security issues in applications. To solve this problem, we propose an Ultra-Fusion Adversarial Training method, which combines adversarial training and ensemble learning to enable the model robustness to withstand different attack strengths. We explore the number and distribution of ensembled attacks and introduce a Fermi-function-like distribution to optimally balance the performance of different attack strengths. Additionally, we investigate the effect of the signal-to-noise ratio (SNR) interval on the model accuracy and robustness, suggesting the effective SNR interval for training. Considering the demand for practical application scenarios of modulation recognition, we propose a comprehensive robustness metric based on weighted integral to evaluate the robustness of the trained models. Numerical experiments demonstrate that our method improves the model’s robustness by 31.89% against white-box attacks, and achieves up to an 80.54% improvement in black-box scenarios. These results show that our method has the ability to resiliently resist potential attacks of various strengths and can be applied to spectrum application scenarios with high-security requirements.","PeriodicalId":13069,"journal":{"name":"IEEE Transactions on Cognitive Communications and Networking","volume":"11 3","pages":"1635-1648"},"PeriodicalIF":7.0000,"publicationDate":"2024-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Cognitive Communications and Networking","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10753459/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}

引用次数: 0

Abstract

In the radio frequency field, deep neural networks have been widely used for automatic modulation recognition tasks due to their superior accuracy. However, it has been shown that these models are susceptible to adversarial examples, which are the kinds of carefully crafted perturbations that can lead to model misclassification and raise security issues in applications. To solve this problem, we propose an Ultra-Fusion Adversarial Training method, which combines adversarial training and ensemble learning to enable the model robustness to withstand different attack strengths. We explore the number and distribution of ensembled attacks and introduce a Fermi-function-like distribution to optimally balance the performance of different attack strengths. Additionally, we investigate the effect of the signal-to-noise ratio (SNR) interval on the model accuracy and robustness, suggesting the effective SNR interval for training. Considering the demand for practical application scenarios of modulation recognition, we propose a comprehensive robustness metric based on weighted integral to evaluate the robustness of the trained models. Numerical experiments demonstrate that our method improves the model’s robustness by 31.89% against white-box attacks, and achieves up to an 80.54% improvement in black-box scenarios. These results show that our method has the ability to resiliently resist potential attacks of various strengths and can be applied to spectrum application scenarios with high-security requirements.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

提升无线通信自动调制识别的鲁棒性

在射频领域，深度神经网络以其优越的精度被广泛应用于自动调制识别任务。然而，已经表明，这些模型容易受到对抗性示例的影响，这是一种精心设计的扰动，可能导致模型错误分类并在应用程序中提出安全问题。为了解决这一问题，我们提出了一种超融合对抗训练方法，该方法将对抗训练和集成学习相结合，使模型能够承受不同的攻击强度。我们探索了集成攻击的数量和分布，并引入了一个类似费米函数的分布，以最佳地平衡不同攻击强度的性能。此外，我们还研究了信噪比（SNR）区间对模型精度和鲁棒性的影响，提出了有效的训练信噪比区间。考虑到调制识别实际应用场景的需求，提出了一种基于加权积分的综合鲁棒性度量来评价训练模型的鲁棒性。数值实验表明，该方法对白盒攻击的鲁棒性提高了31.89%，对黑盒攻击的鲁棒性提高了80.54%。结果表明，该方法具有弹性抵御各种强度潜在攻击的能力，可应用于对安全性要求较高的频谱应用场景。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Cognitive Communications and Networking Computer Science-Artificial Intelligence

CiteScore

15.50

自引率

7.00%

发文量

108

期刊介绍： The IEEE Transactions on Cognitive Communications and Networking (TCCN) aims to publish high-quality manuscripts that push the boundaries of cognitive communications and networking research. Cognitive, in this context, refers to the application of perception, learning, reasoning, memory, and adaptive approaches in communication system design. The transactions welcome submissions that explore various aspects of cognitive communications and networks, focusing on innovative and holistic approaches to complex system design. Key topics covered include architecture, protocols, cross-layer design, and cognition cycle design for cognitive networks. Additionally, research on machine learning, artificial intelligence, end-to-end and distributed intelligence, software-defined networking, cognitive radios, spectrum sharing, and security and privacy issues in cognitive networks are of interest. The publication also encourages papers addressing novel services and applications enabled by these cognitive concepts.