无线电信号调制分类中抗敌对攻击的鲁棒网络研究

2022 IEEE 23rd International Workshop on Signal Processing Advances in Wireless Communication (SPAWC) Pub Date : 2022-07-04 DOI:10.1109/spawc51304.2022.9833926

B. Manoj, P. M. Santos, Meysam Sadeghi, E. Larsson

{"title":"无线电信号调制分类中抗敌对攻击的鲁棒网络研究","authors":"B. Manoj, P. M. Santos, Meysam Sadeghi, E. Larsson","doi":"10.1109/spawc51304.2022.9833926","DOIUrl":null,"url":null,"abstract":"Deep learning (DL) is a powerful technique for many real-time applications, but it is vulnerable to adversarial attacks. Herein, we consider DL-based modulation classification, with the objective to create DL models that are robust against attacks. Specifically, we introduce three defense techniques: i) randomized smoothing, ii) hybrid projected gradient descent adversarial training, and iii) fast adversarial training, and evaluate them under both white-box (WB) and black-box (BB) attacks. We show that the proposed fast adversarial training is more robust and computationally efficient than the other techniques, and can create models that are extremely robust to practical (BB) attacks.","PeriodicalId":423807,"journal":{"name":"2022 IEEE 23rd International Workshop on Signal Processing Advances in Wireless Communication (SPAWC)","volume":"289 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Toward Robust Networks against Adversarial Attacks for Radio Signal Modulation Classification\",\"authors\":\"B. Manoj, P. M. Santos, Meysam Sadeghi, E. Larsson\",\"doi\":\"10.1109/spawc51304.2022.9833926\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Deep learning (DL) is a powerful technique for many real-time applications, but it is vulnerable to adversarial attacks. Herein, we consider DL-based modulation classification, with the objective to create DL models that are robust against attacks. Specifically, we introduce three defense techniques: i) randomized smoothing, ii) hybrid projected gradient descent adversarial training, and iii) fast adversarial training, and evaluate them under both white-box (WB) and black-box (BB) attacks. We show that the proposed fast adversarial training is more robust and computationally efficient than the other techniques, and can create models that are extremely robust to practical (BB) attacks.\",\"PeriodicalId\":423807,\"journal\":{\"name\":\"2022 IEEE 23rd International Workshop on Signal Processing Advances in Wireless Communication (SPAWC)\",\"volume\":\"289 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-07-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 23rd International Workshop on Signal Processing Advances in Wireless Communication (SPAWC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/spawc51304.2022.9833926\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 23rd International Workshop on Signal Processing Advances in Wireless Communication (SPAWC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/spawc51304.2022.9833926","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

深度学习(DL)对于许多实时应用来说是一项强大的技术，但它很容易受到对抗性攻击。在这里，我们考虑基于DL的调制分类，目的是创建对攻击具有鲁棒性的DL模型。具体来说，我们介绍了三种防御技术:i)随机平滑，ii)混合投影梯度下降对抗训练和iii)快速对抗训练，并在白盒(WB)和黑盒(BB)攻击下对它们进行了评估。我们表明，所提出的快速对抗训练比其他技术更具鲁棒性和计算效率，并且可以创建对实际(BB)攻击非常鲁棒的模型。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Toward Robust Networks against Adversarial Attacks for Radio Signal Modulation Classification

Deep learning (DL) is a powerful technique for many real-time applications, but it is vulnerable to adversarial attacks. Herein, we consider DL-based modulation classification, with the objective to create DL models that are robust against attacks. Specifically, we introduce three defense techniques: i) randomized smoothing, ii) hybrid projected gradient descent adversarial training, and iii) fast adversarial training, and evaluate them under both white-box (WB) and black-box (BB) attacks. We show that the proposed fast adversarial training is more robust and computationally efficient than the other techniques, and can create models that are extremely robust to practical (BB) attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 IEEE 23rd International Workshop on Signal Processing Advances in Wireless Communication (SPAWC)

自引率

0.00%

发文量

期刊最新文献

Secure Multi-Antenna Coded Caching Deep Transfer Learning Based Radio Map Estimation for Indoor Wireless Communications A New Outage Probability Bound for IR-HARQ and Its Application to Power Adaptation SPAWC 2022 Cover Page A Sequential Experience-driven Contextual Bandit Policy for MIMO TWAF Online Relay Selection