Adversarial Robustness of Distilled and Pruned Deep Learning-based Wireless Classifiers (2404.15344v1)
Abstract: Data-driven deep learning (DL) techniques developed for automatic modulation classification (AMC) of wireless signals are vulnerable to adversarial attacks. This poses a severe security threat to DL-based wireless systems, specifically for edge applications of AMC. In this work, we address the joint problem of developing optimized DL models that are also robust against adversarial attacks. This enables efficient and reliable deployment of DL-based AMC on edge devices. We first propose two optimized models using knowledge distillation and network pruning, followed by a computationally efficient adversarial training process to improve the robustness. Experimental results on five white-box attacks show that the proposed optimized and adversarially trained models can achieve better robustness than the standard (unoptimized) model. The two optimized models also achieve higher accuracy on clean (unattacked) samples, which is essential for the reliability of DL-based solutions in edge applications.