Related papers: Adversarial Attacks with Multiple Antennas Against Deep Learning-Based Modulation Classifiers

Adversarial Attacks with Multiple Antennas Against Deep Learning-Based Modulation Classifiers

URL: http://arxiv.org/abs/2007.16204v1
Date: Fri, 31 Jul 2020 17:56:50 GMT
Title: Adversarial Attacks with Multiple Antennas Against Deep Learning-Based Modulation Classifiers
Authors: Brian Kim and Yalin E. Sagduyu and Tugba Erpek and Kemal Davaslioglu and Sennur Ulukus
Abstract summary: We show how to utilize multiple antennas at the adversary to improve the adversarial (evasion) attack performance. We introduce an attack to transmit the adversarial perturbation through the channel with the largest channel gain at the symbol level.
Score: 43.156901821548935
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: We consider a wireless communication system, where a transmitter sends signals to a receiver with different modulation types while the receiver classifies the modulation types of the received signals using its deep learning-based classifier. Concurrently, an adversary transmits adversarial perturbations using its multiple antennas to fool the classifier into misclassifying the received signals. From the adversarial machine learning perspective, we show how to utilize multiple antennas at the adversary to improve the adversarial (evasion) attack performance. Two main points are considered while exploiting the multiple antennas at the adversary, namely the power allocation among antennas and the utilization of channel diversity. First, we show that multiple independent adversaries, each with a single antenna cannot improve the attack performance compared to a single adversary with multiple antennas using the same total power. Then, we consider various ways to allocate power among multiple antennas at a single adversary such as allocating power to only one antenna, and proportional or inversely proportional to the channel gain. By utilizing channel diversity, we introduce an attack to transmit the adversarial perturbation through the channel with the largest channel gain at the symbol level. We show that this attack reduces the classifier accuracy significantly compared to other attacks under different channel conditions in terms of channel variance and channel correlation across antennas. Also, we show that the attack success improves significantly as the number of antennas increases at the adversary that can better utilize channel diversity to craft adversarial attacks.

Related papers

DEFORM: A Practical, Universal Deep Beamforming System [4.450750414447688]
We introduce, design, and evaluate a set of universal receiver beamforming techniques. Our approach and system DEFORM, a Deep Learning (DL) based RX beamforming achieves significant gain for multi antenna RF receivers.
arXiv Detail & Related papers (2022-03-18T03:52:18Z)
Adversarial Robustness of Deep Reinforcement Learning based Dynamic Recommender Systems [50.758281304737444]
We propose to explore adversarial examples and attack detection on reinforcement learning-based interactive recommendation systems. We first craft different types of adversarial examples by adding perturbations to the input and intervening on the casual factors. Then, we augment recommendation systems by detecting potential attacks with a deep learning-based classifier based on the crafted data.
arXiv Detail & Related papers (2021-12-02T04:12:24Z)
Adversarial Attacks against Deep Learning Based Power Control in Wireless Communications [45.24732440940411]
We consider adversarial machine learning based attacks on power allocation where the base station (BS) allocates its transmit power to multiple subcarriers. We show that adversarial attacks are much more effective than the benchmark attack in terms of reducing the rate of communications.
arXiv Detail & Related papers (2021-09-16T17:54:16Z)
Channel Effects on Surrogate Models of Adversarial Attacks against Wireless Signal Classifiers [42.56367378986028]
We consider a wireless communication system that consists of a background emitter, a transmitter, and an adversary. The adversary generates adversarial attacks to fool the transmitter into misclassifying the channel as idle. We consider different topologies to investigate how different surrogate models that are trained by the adversary affect the performance of the adversarial attack.
arXiv Detail & Related papers (2020-12-03T18:46:28Z)
Deep Learning Based Antenna Selection for Channel Extrapolation in FDD Massive MIMO [54.54508321463112]
In massive multiple-input multiple-output (MIMO) systems, the large number of antennas would bring a great challenge for the acquisition of the accurate channel state information. We utilize the neural networks (NNs) to capture the inherent connection between the uplink and downlink channel data sets and extrapolate the downlink channels from a subset of the uplink channel state information. We study the antenna subset selection problem in order to achieve the best channel extrapolation and decrease the data size of NNs.
arXiv Detail & Related papers (2020-09-03T13:38:52Z)
Adversarial Attacks and Detection on Reinforcement Learning-Based Interactive Recommender Systems [47.70973322193384]
Adversarial attacks pose significant challenges for detecting them at an early stage. We propose attack-agnostic detection on reinforcement learning-based interactive recommendation systems. We first craft adversarial examples to show their diverse distributions and then augment recommendation systems by detecting potential attacks.
arXiv Detail & Related papers (2020-06-14T15:41:47Z)
Channel-Aware Adversarial Attacks Against Deep Learning-Based Wireless Signal Classifiers [43.156901821548935]
This paper presents channel-aware adversarial attacks against deep learning-based wireless signal classifiers. A certified defense based on randomized smoothing that augments training data with noise is introduced to make the modulation classifier robust to adversarial perturbations.
arXiv Detail & Related papers (2020-05-11T15:42:54Z)
Over-the-Air Adversarial Attacks on Deep Learning Based Modulation Classifier over Wireless Channels [43.156901821548935]
We consider a wireless communication system that consists of a transmitter, a receiver, and an adversary. In the meantime, the adversary makes over-the-air transmissions that are received as superimposed with the transmitter's signals. We present how to launch a realistic evasion attack by considering channels from the adversary to the receiver.
arXiv Detail & Related papers (2020-02-05T18:45:43Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.