Citation: Xu Dongyue, Tian Yunzhe, Chen Kang, Li Yike, Wu Yalun, Tong Endong, Niu Wenjia, Liu Jiqiang, Shi Zhongzhi. Survey on Adversarial Attack and Defense for Signal Modulation Recognition[J]. Journal of Computer Research and Development. DOI: 10.7544/issn1000-1239.202330826
With the rapid development of deep learning, signal modulation recognition based on deep neural networks has gained popularity in wireless communications research. However, deep neural network models have been observed to be vulnerable to adversarial perturbations, which render the modulation identification task ineffective. Currently, there are theoretical gaps and bottlenecks in wireless communication security research. Due to the multidimensional nature of wireless communication, including factors such as experimental environments, data structures, and signal characteristics, it is not feasible to transfer the established attack and defense methods from other domains to signal countermeasures. In this paper, we comprehensively summarize the research on adversarial attack and defense technology in the field of signal modulation recognition. As the first Chinese review of its kind, we propose a generic classification framework and threat model for adversarial attacks in this field. We classify the research in this field into two categories: physical self-defense attacks and digital direct access attacks. We then systematically integrate the research and visualize it as two-dimensional diagrams to showcase the methods, models, and techniques of adversarial attack. Additionally, we provide details on the methods and models of adversarial attack. We present the latest research on adversarial attack methods, adversarial example generation techniques, theoretical formulas, and adversarial detection and defense techniques. We systematically refine the characteristics of the three dimensions of adversarial attacks on wireless communications and summarize the corresponding processing methods. Finally, we summarize future research and development directions for attack and defense security oriented towards signal modulation recognition.