TY - GEN
T1 - Implementation of Real-Time Adversarial Attacks on DNN-based Modulation Classifier
AU - Shtaiwi, Eyad
AU - Hussein, Ahmed Refaey
AU - Khawar, Awais
AU - Alkhateeb, Ahmed
AU - Abdelhadi, Ahmed
AU - Han, Zhu
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - In this paper, we provide a hardware implementation for over-the-air (OTA) adversarial attack on a deep neural network (DNN)-based modulation classifiers. Although Automatic modulation classification (AMC) using the DNN-based method outperforms the traditional classification, it has been proven that the machine learning (ML) approaches lack robustness against adversarial attacks. Therefore, the adversarial attacks cause the loss of accuracy for the DNN-based AMC by injecting a well-designed perturbation to the wireless channels. The case study presented evaluates the adversarial attack performance and its effects on the accuracy of the DNN-classifier OTA using a universal software radio peripheral (USRP) B210. Firstly, we develop an intelligent AMC system using USRPs to classify four digitally modulated signals, namely, BPSK, QPSK, 8PSK, and 16QAM, in real-time. We consider a wireless communication system that consists of three software-defined radios (SDRs), namely, transmitter, receiver, and adversarial attack. While the Rx classifies the received signal, using a DNN-based classifier, the adversarial attack node intends to misclassify the DNN-based classifier by perturbing the input data of with an adversarial example. The developed adversarial node implements the Fast-Gradient Sign method (FGSM) to generate the needed perturbation. The results of the conducted experiment show that the DNN-based classifier achieves 97% accuracy in the absence of an adversarial node. However, after deploying the adversarial attack the classifier accuracy drops to 42%.
AB - In this paper, we provide a hardware implementation for over-the-air (OTA) adversarial attack on a deep neural network (DNN)-based modulation classifiers. Although Automatic modulation classification (AMC) using the DNN-based method outperforms the traditional classification, it has been proven that the machine learning (ML) approaches lack robustness against adversarial attacks. Therefore, the adversarial attacks cause the loss of accuracy for the DNN-based AMC by injecting a well-designed perturbation to the wireless channels. The case study presented evaluates the adversarial attack performance and its effects on the accuracy of the DNN-classifier OTA using a universal software radio peripheral (USRP) B210. Firstly, we develop an intelligent AMC system using USRPs to classify four digitally modulated signals, namely, BPSK, QPSK, 8PSK, and 16QAM, in real-time. We consider a wireless communication system that consists of three software-defined radios (SDRs), namely, transmitter, receiver, and adversarial attack. While the Rx classifies the received signal, using a DNN-based classifier, the adversarial attack node intends to misclassify the DNN-based classifier by perturbing the input data of with an adversarial example. The developed adversarial node implements the Fast-Gradient Sign method (FGSM) to generate the needed perturbation. The results of the conducted experiment show that the DNN-based classifier achieves 97% accuracy in the absence of an adversarial node. However, after deploying the adversarial attack the classifier accuracy drops to 42%.
KW - DNN-based classifier
KW - FSGM
KW - Modulation classifications
KW - SDR.
KW - USRPs
UR - http://www.scopus.com/inward/record.url?scp=85152050156&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85152050156&partnerID=8YFLogxK
U2 - 10.1109/ICNC57223.2023.10074421
DO - 10.1109/ICNC57223.2023.10074421
M3 - Conference contribution
AN - SCOPUS:85152050156
T3 - 2023 International Conference on Computing, Networking and Communications, ICNC 2023
SP - 288
EP - 292
BT - 2023 International Conference on Computing, Networking and Communications, ICNC 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2023 International Conference on Computing, Networking and Communications, ICNC 2023
Y2 - 20 February 2023 through 22 February 2023
ER -