The Model Inversion Eavesdropping Attack in Semantic Communication Systems

• URL: http://arxiv.org/abs/2308.04304v1
• Date: Tue, 8 Aug 2023 14:50:05 GMT
• Title: The Model Inversion Eavesdropping Attack in Semantic Communication Systems
• Authors: Yuhao Chen, Qianqian Yang, Zhiguo Shi and Jiming Chen
• Abstract summary: We introduce the model inversion eavesdropping attack (MIEA) to reveal the risk of privacy leaks in the semantic communication system. MIEA reconstructs the raw message, where both the white-box and black-box settings are considered. We propose a defense method based on random permutation and substitution to defend against MIEA.
• Score: 19.385375706864334
• License: http://creativecommons.org/publicdomain/zero/1.0/
• Abstract: In recent years, semantic communication has been a popular research topic for its superiority in communication efficiency. As semantic communication relies on deep learning to extract meaning from raw messages, it is vulnerable to attacks targeting deep learning models. In this paper, we introduce the model inversion eavesdropping attack (MIEA) to reveal the risk of privacy leaks in the semantic communication system. In MIEA, the attacker first eavesdrops the signal being transmitted by the semantic communication system and then performs model inversion attack to reconstruct the raw message, where both the white-box and black-box settings are considered. Evaluation results show that MIEA can successfully reconstruct the raw message with good quality under different channel conditions. We then propose a defense method based on random permutation and substitution to defend against MIEA in order to achieve secure semantic communication. Our experimental results demonstrate the effectiveness of the proposed defense method in preventing MIEA.

Related papers

• Secure Semantic Communication via Paired Adversarial Residual Networks [59.468221305630784]
  This letter explores the positive side of the adversarial attack for the security-aware semantic communication system. A pair of matching pluggable modules is installed: one after the semantic transmitter and the other before the semantic receiver. The proposed scheme is capable of fooling the eavesdropper while maintaining the high-quality semantic communication.
  arXiv  Detail & Related papers  (2024-07-02T08:32:20Z)
• Backdoor Attacks and Defenses on Semantic-Symbol Reconstruction in Semantic Communications [27.444926954449336]
  This paper delves into backdoor attacks targeting deep learning-enabled semantic communication systems. A new backdoor attack paradigm on semantic symbols (BASS) is introduced. reverse engineering-based and pruning-based defense strategies are designed to protect against BASS.
  arXiv  Detail & Related papers  (2024-04-20T05:32:55Z)
• Generative AI-aided Joint Training-free Secure Semantic Communications via Multi-modal Prompts [89.04751776308656]
  This paper proposes a GAI-aided SemCom system with multi-model prompts for accurate content decoding. In response to security concerns, we introduce the application of covert communications aided by a friendly jammer.
  arXiv  Detail & Related papers  (2023-09-05T23:24:56Z)
• SemProtector: A Unified Framework for Semantic Protection in Deep Learning-based Semantic Communication Systems [51.97204522852634]
  We present a unified framework that aims to secure an online semantic communications system with three semantic protection modules. Specifically, these protection modules are able to encrypt semantics to be transmitted by an encryption method, mitigate privacy risks from wireless channels by a perturbation mechanism, and calibrate distorted semantics at the destination. Our framework enables an existing online SC system to dynamically assemble the above three pluggable modules to meet customized semantic protection requirements.
  arXiv  Detail & Related papers  (2023-09-04T06:34:43Z)
• Covert Communication Based on the Poisoning Attack in Federated Learning [21.596265153097352]
  In deep learning, many methods have been developed for hiding information in models to achieve covert communication. We propose a novel method for covert communication in federated learning based on the poisoning attack. Our approach achieves 100% accuracy in covert message transmission between two clients and is shown to be both stealthy and robust.
  arXiv  Detail & Related papers  (2023-06-02T08:11:32Z)
• Model-free Reinforcement Learning of Semantic Communication by Stochastic Policy Gradient [9.6403215177092]
  The idea of semantic communication by Weaver from 1949 has gained attention. We apply the Policy Gradient (SPG) to design a semantic communication system. We derive the use of both classic and semantic communication from the mutual information between received and target variables.
  arXiv  Detail & Related papers  (2023-05-05T14:27:58Z)
• Cognitive Semantic Communication Systems Driven by Knowledge Graph: Principle, Implementation, and Performance Evaluation [74.38561925376996]
  Two cognitive semantic communication frameworks are proposed for the single-user and multiple-user communication scenarios. An effective semantic correction algorithm is proposed by mining the inference rule from the knowledge graph. For the multi-user cognitive semantic communication system, a message recovery algorithm is proposed to distinguish messages of different users.
  arXiv  Detail & Related papers  (2023-03-15T12:01:43Z)
• TransFool: An Adversarial Attack against Neural Machine Translation Models [49.50163349643615]
  We investigate the vulnerability of Neural Machine Translation (NMT) models to adversarial attacks and propose a new attack algorithm called TransFool. We generate fluent adversarial examples in the source language that maintain a high level of semantic similarity with the clean samples. Based on automatic and human evaluations, TransFool leads to improvement in terms of success rate, semantic similarity, and fluency compared to the existing attacks.
  arXiv  Detail & Related papers  (2023-02-02T08:35:34Z)
• Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems [51.6210785955659]
  Communication is important in many multi-agent reinforcement learning (MARL) problems for agents to share information and make good decisions. However, when deploying trained communicative agents in a real-world application where noise and potential attackers exist, the safety of communication-based policies becomes a severe issue that is underexplored. In this work, we consider an environment with $N$ agents, where the attacker may arbitrarily change the communication from any $CfracN-12$ agents to a victim agent.
  arXiv  Detail & Related papers  (2022-06-21T07:32:18Z)
• Semantic Information Recovery in Wireless Networks [8.508198765617195]
  We present an ML-based semantic communication system SINFONY. SINFONY communicates the meaning behind multiple messages to a single receiver for semantic recovery. Numerical results reveal a tremendous rate-normalized SNR shift up to 20 dB compared to classically designed communication systems.
  arXiv  Detail & Related papers  (2022-04-28T09:17:50Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.