高级检索

    面向信号调制识别的对抗攻击与防御综述

    Survey on Adversarial Attack and Defense for Signal Modulation Recognition

    • 摘要: 随着深度学习的飞速发展,基于深度神经网络的信号调制识别任务成为无线通信领域研究热门.然而研究发现,深度神经网络模型极易受到对抗性扰动的影响,使调制识别任务失效.目前面向无线通信安全性的研究工作仍存在些许瓶颈问题与理论空白,源于无线通信固有的实验环境、数据结构与信号特征等多维度特性,不能将其他领域较为成熟的攻防方法简单迁移到信号对抗攻击中.本文作为第一篇面向信号调制识别领域的对抗攻防中文综述,全面总结目前为止该领域对抗攻击与防御技术研究工作,首次提出信号调制识别领域的通用对抗攻击分类框架与威胁模型,将该领域研究工作分类为物理自我防御式攻击和数字直接访问式攻击,并以二维图形式进行系统化整合与可视化展示,详细阐述对抗攻击方法、对抗样本生成技术与理论公式、对抗检测与防御技术最新的研究工作,系统提炼无线通信对抗攻击研究的三个维度特性并归纳相应的处理方法,最后总结面向信号调制识别的攻防安全领域在末来的研究发展方向.

       

      Abstract: With the rapid development of deep learning, signal modulation recognition based on deep neural networks has gained popularity in wireless communications research. However, it has been observed that the deep neural network model is vulnerable to adversarial perturbations, rendering the modulation identification task ineffective. Currently, there are theoretical gaps and bottlenecks in wireless communication security research. Due to the multidimensional nature of wireless communication, including factors such as experimental environments, data structures, and signal characteristics, it is not feasible to transfer the established attack and defense methods from other domains to signal countermeasures. In this paper, we comprehensively summarize the research on adversarial attack and defense technology in the field of signal modulation recognition. As the first Chinese review of its kind, we propose a generic classification framework and threat model for adversarial attacks in this field. Classify the research in this field into two categories: physical self-defense attacks and digital direct access attacks. Then, systematically integrate and visualize the research as two-dimensional diagrams to demonstratively showcase the methods, models, and techniques of adversarial attack. Additionally, provide details on the methods and models of adversarial attack. We present the latest research on adversarial attack methods, adversarial examples generation techniques, theoretical formulas, and adversarial detection and defense techniques. We systematically refine the characteristics of the three dimensions of adversarial attacks on wireless communications and summarize the corresponding processing methods. Finally, we summarize the future research and development direction of the attack and defense security field oriented towards signal modulation recognition.

       

    /

    返回文章
    返回