nach oben

Wireless Networks

Erschienen in:

22.03.2023

Adversarial defense method based on ensemble learning for modulation signal intelligent recognition

verfasst von: Chao Han, Ruoxi Qin, Linyuan Wang, Weijia Cui, Jian Chen, Bin Yan

Erschienen in: Wireless Networks | Ausgabe 7/2023

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Modulation signal intelligent recognition model based on deep learning is widely used in the field of radio signal intelligent processing, but the adversarial attack has become a huge security threat. In order to promote the safe and reliable application of the modulation recognition intelligent model, it is necessary to study its adversarial defense technology. An adversarial defense method based on ensemble learning for modulation signal intelligent recognition model is proposed in this paper. Specifically, this method is achieved by combining multiple defense models such as adversarial training, defensive distillation, and noise smoothing. Variety of attack algorithms in both the white-box and black-box scenarios under different intensities of perturbation and different signal-to-noise ratios are carried out to verify the robustness performance of the proposed method. Strikingly, the accuracy of the model is improved to over 80% when the SNR is above 0 dB under Carlini and Wagner attack.

Vorheriger Artikel Slice combination convolutional neural network based radio frequency fingerprint identification for Internet of Things

Nächster Artikel Abnormal nodes sensing model in regional wireless networks based on convolutional neural network

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Hou, C., Liu, G., Tian, Q., Zhou, Z., Hua, L., & Lin, Y. (2022). Multi-signal modulation classification using sliding window detection and complex convolutional network in frequency domain. IEEE Internet of Things Journal, 9(19), 19438–19449.CrossRef

Liu, S., Gao, P., Li, Y., et al. (2023). Multi-modal fusion network with complementarity and importance for emotion recognition. Information Sciences, 619, 679–694.CrossRef

Fu, X., Peng, Y., Liu, Y., Lin, Y., Gui, G., Gacanin, H., & Adachi, F. (2023). Semi-supervised specific emitter identification method using metric-adversarial training. IEEE Internet of Things Journal.

Franco, H., Cobo-Kroenke, C., Welch, S., & Graciarena, M. (2020). Wideband spectral monitoring using deep learning. In Proceedings of the 2nd ACM workshop on wireless security and machine learning (pp. 19–24).

Omotere, O., Fuller, J., Qian, L., & Han, Z. (2018). Spectrum occupancy prediction in coexisting wireless systems using deep learning. In: IEEE 88th vehicular technology conference (pp. 1–7).

Liu, S., Huang, S., Wang, S., et al. (2023). Visual tracking in complex scenes: A location fusion mechanism based on the combination of multiple visual cognition flows. Information Fusion. https://doi.org/10.1016/j.inffus.2023.02.005CrossRef

Xu, Z., Han, G., Liu, L., et al. (2022). A lightweight specific emitter identification model for IIoT devices based on adaptive broad learning. IEEE Transactions on Industrial Informatics.

Wang, Y., Gui, G., Lin, Y., et al. (2022). Few-shot specific emitter identification via deep metric ensemble learning. IEEE Internet of Things Journal, 9(24), 24980–24994.CrossRef

Fu, X., Gui, G., Wang, Y., et al. (2022). Automatic modulation classification based on decentralized learning and ensemble learning. IEEE Transactions on Vehicular Technology, 71(7), 7942–7946.CrossRef

10.

Zhang, X., Zhao, H., Zhu, H., et al. (2022). NAS-AMR: Neural architecture search-based automatic modulation recognition for integrated sensing and communication systems. IEEE Transactions on Cognitive Communications and Networking, 8(3), 1374–1386.CrossRef

11.

O'shea, T. J., & West, N. (2016). Radio machine learning dataset generation with GNU radio. In Proceedings of the GNU radio conference (Vol. 1, No. 1).

12.

Bao, Z., Lin, Y., Zhang, S., et al. (2021). Threat of adversarial attacks on DL-based IoT device identification. IEEE Internet of Things Journal, 9(11), 9012–9024.CrossRef

13.

Szegedy, C., Zaremba, W., Sutskever, I., Bruna, J., Erhan, D., Goodfellow, I., & Fergus, R. (2013). Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199.

14.

Sadeghi, M., & Larsson, E. G. (2018). Adversarial attacks on deep-learning based radio signal classification. IEEE Wireless Communications Letters, 8(1), 213–216.CrossRef

15.

Lin, Y., Zhao, H., Tu, Y., Mao, S., & Dou, Z. (2020). Threats of adversarial attacks in DNN-based modulation recognition. In IEEE conference on computer communications (pp. 2469–2478).

16.

Qi, P., Jiang, T., Wang, L., et al. (2022). Detection tolerant black-box adversarial attack against automatic modulation classification with deep learning. IEEE Transactions on Reliability, 71.2, 674–686.CrossRef

17.

Rana, M. M., Xiang, W., Wang, E., Li, X., & Choi, B. J. (2018). Internet of Things infrastructure for wireless power transfer systems. IEEE Access, 6, 19295–19303.CrossRef

18.

Tian, Q., Zhang, S., Mao, S., et al. (2022). Adversarial attacks and defenses for digital communication signals identification. Digital Communications and Networks.

19.

Kim, B., Sagduyu, Y. E., Davaslioglu, K., et al. (2021). Channel-aware adversarial attacks against deep learning-based wireless signal classifiers. IEEE Transactions on Wireless Communications, 21(6), 3868–3880.CrossRef

20.

Kokalj-Filipovic, S., Miller, R., & Vanhoy, G. (2019). Adversarial examples in RF deep learning: Detection and physical robustness. In IEEE global conference on signal and information processing (pp. 1–5).

21.

Carlini, N., & Wagner, D. (2017). Towards evaluating the robustness of neural networks. In IEEE symposium on security and privacy (pp. 39–57).

22.

Adesina, D., Hsieh, C. C., Sagduyu, Y. E., & Qian, L. (2022). Adversarial machine learning in wireless communications using RF data: A review. IEEE Communications Surveys and Tutorials.

23.

Goodfellow, I. J., Shlens, J., & Szegedy, C. (2014). Explaining and harnessing adversarial examples. In International conference on learning representations.

24.

Kurakin, A., Goodfellow, I. J., & Bengio, S. (2018). Adversarial examples in the physical world. In Artificial intelligence safety and security (pp. 99–112).

25.

Madry, A., Makelov, A., Schmidt, L., Tsipras, D., & Vladu, A. (2017). Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083.

26.

Dong, Y., Liao, F., Pang, T., Su, H., Zhu, J., Hu, X., & Li, J. (2018). Boosting adversarial attacks with momentum. In Proceedings of the IEEE conference on computer vision and pattern recognition (pp. 9185–9193).

27.

Hinton, G., Vinyals, O., & Dean, J. (2015). Distilling the knowledge in a neural network. arXiv preprint arXiv:1503.02531.

28.

Lecuyer, M., Atlidakis, V., Geambasu, R., Hsu, D., & Jana, S. (2019). Certified robustness to adversarial examples with differential privacy. In IEEE symposium on security and privacy (pp. 656–672).

29.

Yang, G., Duan, T., Hu, J. E., Salman, H., Razenshteyn, I., & Li, J. (2020). Randomized smoothing of all shapes and sizes. In International conference on machine learning (pp. 10693–10705).

30.

He, W., Wei, J., Chen, X., Carlini, N., & Song, D. (2017). Adversarial example defense: Ensembles of weak defenses are not strong. In 11th USENIX workshop on offensive technologies.

31.

Kuncheva, L. I., & Whitaker, C. J. (2003). Measures of diversity in classifier ensembles and their relationship with the ensemble accuracy. Machine learning, 51(2), 181–207.CrossRefMATH

32.

Kurakin, A., Goodfellow, I., Bengio, S., Dong, Y., Liao, F., Liang, M., et al. (2018). Adversarial attacks and defences competition. In The NIPS'17 competition: Building intelligent systems (pp. 195–231).

33.

Tramèr, F., Kurakin, A., Papernot, N., Goodfellow, I., Boneh, D., & McDaniel, P. (2017). Ensemble adversarial training: Attacks and defenses. arXiv preprint arXiv:1705.07204.

34.

Kannan, H., Kurakin, A., & Goodfellow, I. (2018). Adversarial logit pairing. arXiv preprint arXiv:1803.06373.

35.

Wang, Y., Zou, D., Yi, J., Bailey, J., Ma, X., & Gu, Q. (2019). Improving adversarial robustness requires revisiting misclassified examples. In International conference on learning representations.

36.

Papernot, N., McDaniel, P., Wu, X., Jha, S., & Swami, A. (2016). Distillation as a defense to adversarial perturbations against deep neural networks. In IEEE symposium on security and privacy (pp. 582–597).

37.

Gao, Q., Cao, Z., & Li, D. (2021). Defensive distillation based end-to-end auto-encoder communication system. In 7th international conference on computer and communications (pp. 109–114).

38.

Catak, F. O., Kuzlu, M., Catak, E., Cali, U., & Guler, O. (2022). Defensive distillation-based adversarial attack mitigation method for channel estimation using deep learning models in next-generation wireless networks. IEEE Access, 10, 98191–98203.CrossRef

39.

Cohen, J., Rosenfeld, E., & Kolter, Z. (2019). Certified adversarial robustness via randomized smoothing. In International conference on machine learning (pp. 1310–1320).

40.

Levine, A., & Feizi, S. (2020). (De)Randomized smoothing for certifiable defense against patch attacks. Neural Information Processing Systems, 33, 6465–6475.

41.

Jia, J., Cao, X., Wang, B., & Gong, N. Z. (2019). Certified robustness for top-k predictions against adversarial perturbations via randomized smoothing. In International conference on learning representations.

42.

Zhang, D., Ye, M., Gong, C., Zhu, Z., & Liu, Q. (2020). Black-box certification with randomized smoothing: A Functional Optimization based Framework. Neural Information Processing Systems, 33, 2316–2326.

43.

Maroto, J., Bovet, G., & Frossard, P. (2022). SafeAMC: Adversarial training for robust modulation classification recognition models. In 30th European signal processing conference (pp. 1636–1640).

Titel: Adversarial defense method based on ensemble learning for modulation signal intelligent recognition
verfasst von: Chao Han
Ruoxi Qin
Linyuan Wang
Weijia Cui
Jian Chen
Bin Yan
Publikationsdatum: 22.03.2023
Verlag: Springer US
Erschienen in: Wireless Networks / Ausgabe 7/2023
Print ISSN: 1022-0038
Elektronische ISSN: 1572-8196
DOI: https://doi.org/10.1007/s11276-023-03299-4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 7/2023

EQRSRL: an energy-aware and QoS-based routing schema using reinforcement learning in IoMT

Nonlinear dimensionality reduction method of scheduling frequent information in wireless networks based on multilevel mapping

Assessment of speech communication interference effects under small sample conditions

Matched-filter design to improve self-interference cancellation in full-duplex communication systems

An intelligent box office predictor based on aspect-level sentiment analysis of movie review

Crown shaped edge multiband antenna design for 5G and X-Band applications