Evaluating the Security of Machine Learning Based IoT Device Identification Systems Against Adversarial Examples

Namvar, Anahita; Thapa, Chandra; Kanhere, Salil S.; Camtepe, Seyit

doi:10.1007/978-3-030-91431-8_57

Cited by 3 publications

(3 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Algorithm 2, we provide the pseudo-code for the Two-sample Kolmogorov-Smirnov goodness of fit test (KS-test) (Namvar et al, 2021) applied in Section 5.3. We set the significant level α to 0.05, which is the most commonly used value (Chen et al, 2019) and recommended as a standard level (Fisher, 1955).…”

Section: Declarationsmentioning

confidence: 99%

“…In this section, we propose a statistical analysis to compare the stealthiness of adversarial attacks generated by QVCs and classical CNNs. We adopt the assumption from Namvar et al (2021) to our scenario that an attack is imperceptible if we detect at least one modulation class that has a similar data distribution of radio signal data as that of the adversarially crafted radio signal data. For this purpose, we apply the Two-sample Kolmogorov-Smirnov goodness of fit test (KS-test).…”

Section: Data Stealthinessmentioning

confidence: 99%

See 1 more Smart Citation

Radio Signal Classification by Adversarially Robust Quantum Machine Learning

Wu,

Adermann,

Thapa

et al. 2024

Preprint

Self Cite

View full text Add to dashboard Cite

Radio signal classification plays a pivotal role in identifying the modulation scheme used in received radio signals, which is essential for demodulation and proper interpretation of the transmitted information. Researchers have underscored the high susceptibility of ML algorithms for radio signal classification to adversarial attacks. Such vulnerability could result in severe consequences, including misinterpretation of critical messages, interception of classified information, or disruption of communication channels. Recent advancements in quantum computing have revolutionized theories and implementations of computation, bringing the unprecedented development of Quantum Machine Learning (QML). It is shown that quantum variational classifiers (QVCs) provide notably enhanced robustness against classical adversarial attacks in image classification. However, no research has yet explored whether QML can similarly mitigate adversarial threats in the context of radio signal classification. This work applies QVCs to radio signal classification and studies their robustness to various adversarial attacks. We also propose the novel application of the approximate amplitude encoding (AAE) technique to encode radio signal data efficiently. Our extensive simulation results present that attacks generated on QVCs transfer well to CNN models, indicating that these adversarial examples can fool neural networks that they are not explicitly designed to attack. However, the converse is not true. QVCs primarily resist the attacks generated on convolutional neural networks (CNNs). Overall, with comprehensive simulations, our results shed new light on the growing field of QML by bridging knowledge gaps in QML in radio signal classification and uncovering the advantages of applying QML methods in practical applications.

show abstract

Section: Declarationsmentioning

confidence: 99%

Section: Data Stealthinessmentioning

confidence: 99%

Radio Signal Classification by Adversarially Robust Quantum Machine Learning

Wu,

Adermann,

Thapa

et al. 2024

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…In [31], the effects of different non-targeted and targeted adversarial attacks (such as FGSM, BIM, PGD, and MIM) were investigated on a CNN used for radiofrequency-based individual device identification. Similarly, in [32], the resilience of network-based IoT identification ML models was assessed against adversarial samples generated using FGSM, BIM, and JSMA. The results showed that classifier models with more than 90% accuracy experienced a performance drop to 75-55% when exposed to maliciously crafted samples.…”

Section: Ml/dl-focused Adversarial Attacksmentioning

confidence: 99%

IoT Device Identification and Cybersecurity: Advancements, Challenges, and an LSTM-MLP Solution

Alshaya

2023

Eng. Technol. Appl. Sci. Res.

View full text Add to dashboard Cite

Over the past few years, there has been an undeniable surge in the deployment of IoT devices. However, this rapid growth has brought new challenges in cybersecurity, as unauthorized device deployment, malicious code modification, malware deployment, and vulnerability exploitation have emerged as significant issues. As a result, there is a growing need for device identification mechanisms based on behavior monitoring. To address these challenges, Machine Learning (ML) and Deep Learning (DL) techniques have been increasingly employed due to advances in the field and improved processing capabilities. However, cyber attackers have developed adversarial attacks that focus on modifying contexts and evading ML evaluations applied to IoT device identification solutions. This article highlights the importance of addressing cybersecurity challenges in the IoT landscape and proposes a hardware behavior-based individual device identification approach using an LSTM-MLP architecture. The proposed architecture was compared to the most common ML/DL classification techniques using data collected from 45 Raspberry Pi devices running identical software and showing promising results in improving device identification. The proposed LSTM-MLP method outperformed previous solutions, achieving an average increase in F1-Score of +0.97 and a minimum TPR of 0.97 for all devices.

show abstract