Related papers: Privacy-Preserving Semantic Communications via Multi-Task Learning and Adversarial Perturbations

Privacy-Preserving Semantic Communications via Multi-Task Learning and Adversarial Perturbations

URL: http://arxiv.org/abs/2512.24452v1
Date: Tue, 30 Dec 2025 20:19:49 GMT
Title: Privacy-Preserving Semantic Communications via Multi-Task Learning and Adversarial Perturbations
Authors: Yalin E. Sagduyu, Tugba Erpek, Aylin Yener, Sennur Ulukus,
Abstract summary: This paper presents a deep learning-based semantic communication framework.<n>It supports multiple receiver tasks while explicitly limiting semantic leakage to an eavesdropper.<n>A perturbation layer is successful in reducing semantic leakage even when the legitimate link is trained only for its own task.
Score: 49.494000480610225
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Semantic communications conveys task-relevant meaning rather than focusing solely on message reconstruction, improving bandwidth efficiency and robustness for next-generation wireless systems. However, learned semantic representations can still leak sensitive information to unintended receivers (eavesdroppers). This paper presents a deep learning-based semantic communication framework that jointly supports multiple receiver tasks while explicitly limiting semantic leakage to an eavesdropper. The legitimate link employs a learned encoder at the transmitter, while the receiver trains decoders for semantic inference and data reconstruction. The security problem is formulated via an iterative min-max optimization in which an eavesdropper is trained to improve its semantic inference, while the legitimate transmitter-receiver pair is trained to preserve task performance while reducing the eavesdropper's success. We also introduce an auxiliary layer that superimposes a cooperative, adversarially crafted perturbation on the transmitted waveform to degrade semantic leakage to an eavesdropper. Performance is evaluated over Rayleigh fading channels with additive white Gaussian noise using MNIST and CIFAR-10 datasets. Semantic accuracy and reconstruction quality improve with increasing latent dimension, while the min-max mechanism reduces the eavesdropper's inference performance significantly without degrading the legitimate receiver. The perturbation layer is successful in reducing semantic leakage even when the legitimate link is trained only for its own task. This comprehensive framework motivates semantic communication designs with tunable, end-to-end privacy against adaptive adversaries in realistic wireless settings.

Related papers

Shuffling for Semantic Secrecy [12.708217189207828]
We devise a novel semantic security communication system wherein the random shuffling pattern plays the role of the shared secret key.<n>The proposed random shuffling method also exhibits its flexibility in working for the existing semantic communication system as a plugin.
arXiv Detail & Related papers (2025-07-10T03:42:17Z)
Diffusion-aided Task-oriented Semantic Communications with Model Inversion Attack [8.014010065113707]
We propose DiffSem, a diffusion-aided framework for task-oriented semantic communication.<n>DiffSem integrates a transmitter-side self-noising mechanism that adaptively regulates semantic content while compensating for channel noise.<n>Our experiments demonstrate that DiffSem enables the legitimate receiver to achieve higher accuracy, thereby validating the superior performance of the proposed framework.
arXiv Detail & Related papers (2025-06-24T05:21:27Z)
Task-Adaptive Semantic Communications with Controllable Diffusion-based Data Regeneration [45.55410059471241]
Next-generation networking shifts bit-wise data delivery to conveying semantic meanings for bandwidth efficiency.<n>This work presents a novel task-adaptive semantic communication framework based on diffusion models.<n>Test results demonstrate the efficacy of the proposed method in adaptively preserving task-relevant information for semantic communications.
arXiv Detail & Related papers (2025-05-12T18:23:53Z)
Secure Semantic Communication via Paired Adversarial Residual Networks [59.468221305630784]
This letter explores the positive side of the adversarial attack for the security-aware semantic communication system. A pair of matching pluggable modules is installed: one after the semantic transmitter and the other before the semantic receiver. The proposed scheme is capable of fooling the eavesdropper while maintaining the high-quality semantic communication.
arXiv Detail & Related papers (2024-07-02T08:32:20Z)
Generative AI-aided Joint Training-free Secure Semantic Communications via Multi-modal Prompts [89.04751776308656]
This paper proposes a GAI-aided SemCom system with multi-model prompts for accurate content decoding. In response to security concerns, we introduce the application of covert communications aided by a friendly jammer.
arXiv Detail & Related papers (2023-09-05T23:24:56Z)
Vulnerabilities of Deep Learning-Driven Semantic Communications to Backdoor (Trojan) Attacks [70.51799606279883]
This paper highlights vulnerabilities of deep learning-driven semantic communications to backdoor (Trojan) attacks. Backdoor attack can effectively change the semantic information transferred for poisoned input samples to a target meaning. Design guidelines are presented to preserve the meaning of transferred information in the presence of backdoor attacks.
arXiv Detail & Related papers (2022-12-21T17:22:27Z)
Is Semantic Communications Secure? A Tale of Multi-Domain Adversarial Attacks [70.51799606279883]
We introduce test-time adversarial attacks on deep neural networks (DNNs) for semantic communications. We show that it is possible to change the semantics of the transferred information even when the reconstruction loss remains low.
arXiv Detail & Related papers (2022-12-20T17:13:22Z)
Robust Semantic Communications with Masked VQ-VAE Enabled Codebook [56.63571713657059]
We propose a framework for the robust end-to-end semantic communication systems to combat the semantic noise. To combat the semantic noise, the adversarial training with weight is developed to incorporate the samples with semantic noise in the training dataset. We develop a feature importance module (FIM) to suppress the noise-related and task-unrelated features.
arXiv Detail & Related papers (2022-06-08T16:58:47Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.