Trojan Attacks on Wireless Signal Classification with Adversarial Machine Learning

Davaslıoğlu, Kemal; Sagduyu, Yalin E.

doi:10.1109/dyspan.2019.8935782

Cited by 82 publications

(42 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Another key research direction going forward is identifying the type of information being transmitted from an RFML-enabled device to increase attack effectiveness through targeted attacks on acknowledgement messages or transmission decisions, for example [117], [120]. Further, recent work in determining how the training data of RFML systems can be manipulated to cause a degradation in model performance [80], [121] motivates the study of data cleaning methodologies for RFML. Such concerns echo the discussion in Section IV surrounding the need for transparency regarding the generation and metadata parameters for publicly available RFML datasets, as well as validating said datasets before use.…”

Section: Discussion and Future Workmentioning

confidence: 99%

An RFML Ecosystem: Considerations for the Application of Deep Learning to Spectrum Situational Awareness

Wong

Clark

Flowers

et al. 2021

IEEE Open J. Commun. Soc.

View full text Add to dashboard Cite

While deep learning (DL) technologies are now pervasive in state-of-the-art Computer Vision (CV) and Natural Language Processing (NLP) applications, only in recent years have these technologies started to sufficiently mature in applications related to wireless communications, a field loosely termed Radio Frequency Machine Learning (RFML). In particular, recent research has shown DL to be an enabling technology for Cognitive Radio (CR) applications as well as a useful tool for supplementing expertly defined algorithms for spectrum awareness applications such as signal detection, estimation, and classification. A major driver for the usage of RFML is that little, to no, a priori knowledge of the intended spectral environment is required, given that there is an abundance of representative raw Radio Frequency (RF) data to facilitate training and evaluation. However, in addition to this fundamental need for sufficient data, there are other key considerations, such as trust, security, and hardware requirements, that must be taken into account before deploying RFML systems in real-world wireless communication applications that largely go unaddressed in the current literature. This paper examines the prior works related to these major research considerations, with focus on the dependencies between them and factors unique to the RFML space.

show abstract

Section: Discussion and Future Workmentioning

confidence: 99%

An RFML Ecosystem: Considerations for the Application of Deep Learning to Spectrum Situational Awareness

Wong

Clark

Flowers

et al. 2021

IEEE Open J. Commun. Soc.

View full text Add to dashboard Cite

show abstract

“…Outlier detection mechanisms, based on activation, can be combined with clustering and statistical techniques to detect this attack. The clustering technique can detect the attacks despite a few samples being poisoned, and hence, it can detect trojan attacks [31].…”

Section: Literature Reviewmentioning

confidence: 99%

“…Researchers in [32][33][34] investigated the attacks 802.11 networks. Similarly, authors in [35][36][37][38] and [7][8][9][10][11], [24][25][26][27][28][29][30][31][32][33][34][35][36][37][38][39] have investigated the attacks in sensor networks, multi-hop networks, and other network models respectively. Sadeghi and Larsson [40] have described how blackbox adversarial attacks are carried out and their impact on the transmission system's block error rate.…”

Section: Literature Reviewmentioning

confidence: 99%

Analysis of performance vulnerability of MAC scheduling algorithms due to SYN flood attack in 5G NR mmWave

Saikia¹,

Majumder²

2021

IJATEE

View full text Add to dashboard Cite

Fifth-generation (5G) new radio (NR) millimetre wave (mmWave) is a kind of 5G network that operates in the 24GHz to 100GHz frequency range. It offers several opportunities as well as numerous challenges. One of the most prominent challenges that a 5G network faces is intrusion. Intrusion is possible because of existing vulnerabilities in the 5G NR mmWave network architecture. We exploited one such vulnerabil ity to create synchronise (SYN) flood intrusion into the network. The SYN flood intrusion is a denial of service (DoS) intrusion. The intruder who is involved in the SYN flood intrusion depletes the network's available resources. As a result, it denies genuine UEs/nodes access to the network's services and resources. Since this attack produces many open connections with the server, it slows down media access control (MAC) schedulers' ability to assign available channels to the user equipment. In this article, we proposed a method to exploit existing vulnerabilities of the 5G NR mmWave network to carry out SYN flood attacks. Further, we investigated the effect of the attack on the performance of the MAC schedulers, such as proportionate fair and round robin MAC schedulers. With the addition of SYN flood attack UEs/nodes, we observed that the throughput for proportional fair and round robin MAC schedulers drops dramatically.In the event of an attack, throughput drops by 2.34 % to 37.7%. However, in the event of an SYN flood attack, network delay and jitter increase. The performance of the network suffers as a result of that.

show abstract

“…AML attacks have been applied to the wireless domain [16]- [18]. These attacks include inference (exploratory) attacks [19]- [21], evasion (adversarial) attacks [22]- [42], poisoning (causative) attacks [43]- [47], Trojan attacks [48], spoofing attacks [49]- [52], membership inference attacks [53], [54], and attacks to facilitate covert communications [55]- [57]. FL itself is vulnerable to various insider exploits such as data poisoning (a malicious client may manipulate its training data, including both labels or features), model update poisoning (a malicious client may send manipulated models to the server), free-riding attack (a malicious client may claim little to none training data to contribute to FL while receiving the global model without contributing much from its local model), and inference of class representatives, memberships, and training inputs and labels [6], [58]- [60].…”

Section: Introductionmentioning

confidence: 99%

Jamming Attacks on Federated Learning in Wireless Networks

Shi¹,

Sagduyu²

2022

Preprint

Self Cite

View full text Add to dashboard Cite

Federated learning (FL) offers a decentralized learning environment so that a group of clients can collaborate to train a global model at the server, while keeping their training data confidential. This paper studies how to launch over-the-air jamming attacks to disrupt the FL process when it is executed over a wireless network. As a wireless example, FL is applied to learn how to classify wireless signals collected by clients (spectrum sensors) at different locations (such as in cooperative sensing). An adversary can jam the transmissions for the local model updates from clients to the server (uplink attack), or the transmissions for the global model updates the server to clients (downlink attack), or both. Given a budget imposed on the number of clients that can be attacked per FL round, clients for the (uplink/downlink) attack are selected according to their local model accuracies that would be expected without an attack or ranked via spectrum observations. This novel attack is extended to general settings by accounting different processing speeds and attack success probabilities for clients. Compared to benchmark attack schemes, this attack approach degrades the FL performance significantly, thereby revealing new vulnerabilities of FL to jamming attacks in wireless networks.

show abstract

Trojan Attacks on Wireless Signal Classification with Adversarial Machine Learning

Cited by 82 publications

References 28 publications

An RFML Ecosystem: Considerations for the Application of Deep Learning to Spectrum Situational Awareness

An RFML Ecosystem: Considerations for the Application of Deep Learning to Spectrum Situational Awareness

Analysis of performance vulnerability of MAC scheduling algorithms due to SYN flood attack in 5G NR mmWave

Jamming Attacks on Federated Learning in Wireless Networks

Contact Info

Product

Resources

About