UNICA IRIS Institutional Research Information System

Deep learning algorithms have been shown to be powerful in many communication network design problems, including that in automatic modulation classification. However, they are vulnerable to carefully crafted attacks called adversarial examples. Hence, the reliance of wireless networks on deep learning algorithms poses a serious threat to the security and operation of wireless networks. In this letter, we propose for the first time a countermeasure against adversarial examples in modulation classification. Our countermeasure is based on a neural rejection technique, augmented by label smoothing and Gaussian noise injection, that allows to detect and reject adversarial examples with high accuracy. Our results demonstrate that the proposed countermeasure can protect deep-learning based modulation classification systems against adversarial examples.

Countermeasures Against Adversarial Examples in Radio Signal Classification

Zhang, Lu;Lambotharan, Sangarapillai;Zheng, Gan;AsSadhan, Basil;Roli, Fabio^Ultimo

2021-01-01

Abstract

Deep learning algorithms have been shown to be powerful in many communication network design problems, including that in automatic modulation classification. However, they are vulnerable to carefully crafted attacks called adversarial examples. Hence, the reliance of wireless networks on deep learning algorithms poses a serious threat to the security and operation of wireless networks. In this letter, we propose for the first time a countermeasure against adversarial examples in modulation classification. Our countermeasure is based on a neural rejection technique, augmented by label smoothing and Gaussian noise injection, that allows to detect and reject adversarial examples with high accuracy. Our results demonstrate that the proposed countermeasure can protect deep-learning based modulation classification systems against adversarial examples.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione
	
				2021
			
	Parole chiave
	
				Modulation; Perturbation methods; Receivers; Training; Smoothing methods; Radio transmitters; Noise measurement; Deep learning; adversarial examples; radio modulation classification; neural rejection; label smoothing
			
	Tipologia:
	
				1.1 Articolo in rivista

File in questo prodotto:

File	Dimensione	Formato
Countermeasures_Against_Adversarial_Examples_in_Radio_Signal_Classification-3.pdf Solo gestori archivio Tipologia: versione editoriale (VoR) Dimensione 983.55 kB Formato Adobe PDF Visualizza/Apri Richiedi una copia	983.55 kB	Adobe PDF	Visualizza/Apri Richiedi una copia
postprint+radiosignal(3) (2).pdf accesso aperto Tipologia: versione post-print (AAM) Dimensione 2.71 MB Formato Adobe PDF Visualizza/Apri	2.71 MB	Adobe PDF	Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11584/390443

Citazioni

ND

19

17

social impact