Adversarial Deep Learning for Over-the-Air Spectrum Poisoning Attacks

An adversarial deep learning approach is presented to launch over-the-air spectrum poisoning attacks. A transmitter applies deep learning on its spectrum sensing results to predict idle time slots for data transmission. In the meantime, an adversary learns the transmitter's behavior (exploratory attack) by building another deep neural network to predict when transmissions will succeed. The adversary falsifies (poisons) the transmitter's spectrum sensing data over the air by transmitting during the short spectrum sensing period of the transmitter. Depending on whether the transmitter uses the sensing results as test data to make transmit decisions or as training data to retrain its deep neural network, either it is fooled into making incorrect decisions (evasion attack) or the transmitter's algorithm is retrained incorrectly for future decisions (causative attack). Both attacks are energy efficient and hard to detect (stealth) compared to jamming the long data transmission period, and substantially reduce the throughput. A dynamic defense is designed for the transmitter that deliberately makes a small number of incorrect transmissions (selected by the confidence score on channel classification) to manipulate the adversary's training data. This defense effectively fools the adversary (if any) and helps the transmitter sustain its throughput with or without an adversary present.

[1]  W. Marsden I and J , 2012 .

[2]  Kemal Davaslioglu,et al.  Generative Adversarial Learning for Spectrum Sensing , 2018, 2018 IEEE International Conference on Communications (ICC).

[3]  Ameet Talwalkar,et al.  Hyperband: A Novel Bandit-Based Approach to Hyperparameter Optimization , 2016, J. Mach. Learn. Res..

[4]  Walid Saad,et al.  Machine Learning for Wireless Networks with Artificial Intelligence: A Tutorial on Neural Networks , 2017, ArXiv.

[5]  Wenyuan Xu,et al.  The feasibility of launching and detecting jamming attacks in wireless networks , 2005, MobiHoc '05.

[6]  Giovanni Felici,et al.  Hacking smart machines with smarter ones: How to extract meaningful data from machine learning classifiers , 2013, Int. J. Secur. Networks.

[7]  Kaigui Bian,et al.  Robust Distributed Spectrum Sensing in Cognitive Radio Networks , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[8]  Liang Xiao,et al.  Two-dimensional Anti-jamming Mobile Communication Based on Reinforcement Learning , 2017 .

[9]  Ursula Challita,et al.  Artificial Neural Networks-Based Machine Learning for Wireless Networks: A Tutorial , 2017, IEEE Communications Surveys & Tutorials.

[10]  Zhu Han,et al.  Defeating Primary User Emulation Attacks Using Belief Propagation in Cognitive Radio Networks , 2012, IEEE Journal on Selected Areas in Communications.

[11]  H. Vincent Poor,et al.  Two-dimensional anti-jamming communication based on deep reinforcement learning , 2017, 2017 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).

[12]  Fan Zhang,et al.  Stealing Machine Learning Models via Prediction APIs , 2016, USENIX Security Symposium.

[13]  Deniz Gündüz,et al.  The Best Defense Is a Good Offense: Adversarial Attacks to Avoid Modulation Detection , 2021, IEEE Transactions on Information Forensics and Security.

[14]  Somesh Jha,et al.  Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures , 2015, CCS.

[15]  Zhuo Lu,et al.  Enabling Network Anti-Inference via Proactive Strategies: A Fundamental Perspective , 2017, IEEE/ACM Transactions on Networking.

[16]  H. Vincent Poor,et al.  Two-Dimensional Antijamming Mobile Communication Based on Reinforcement Learning , 2017, IEEE Transactions on Vehicular Technology.

[17]  Anthony Ephremides,et al.  MAC games for distributed wireless network security with incomplete information of selfish and malicious user types , 2009, 2009 International Conference on Game Theory for Networks.

[18]  Timothy J. O'Shea,et al.  Applications of Machine Learning to Cognitive Radio Networks , 2007, IEEE Wireless Communications.

[19]  Rob Miller,et al.  Adversarial Examples in RF Deep Learning: Detection of the Attack and its Physical Robustness , 2019, ArXiv.

[20]  Anthony Ephremides,et al.  A game-theoretic analysis of denial of service attacks in wireless random access , 2007, 2007 5th International Symposium on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks and Workshops.

[21]  Kemal Davaslioglu,et al.  Active Deep Learning Attacks under Strict Rate Limitations for Online API Calls , 2018, 2018 IEEE International Symposium on Technologies for Homeland Security (HST).

[22]  Dong-Ho Cho,et al.  Deep Sensing: Cooperative Spectrum Sensing Based on Convolutional Neural Networks , 2017, ArXiv.

[23]  Samy Bengio,et al.  Adversarial examples in the physical world , 2016, ICLR.

[24]  Yalin E. Sagduyu,et al.  Spectrum Data Poisoning with Adversarial Deep Learning , 2018, MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM).

[25]  Yanlong Zhao,et al.  Jamming signals classification using convolutional neural network , 2017, 2017 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT).

[26]  Yalin E. Sagduyu,et al.  Deep Learning for Launching and Mitigating Wireless Jamming Attacks , 2018, IEEE Transactions on Cognitive Communications and Networking.

[27]  Osvaldo Simeone,et al.  A Very Brief Introduction to Machine Learning With Applications to Communication Systems , 2018, IEEE Transactions on Cognitive Communications and Networking.

[28]  Geoffrey Ye Li,et al.  Power of Deep Learning for Channel Estimation and Signal Detection in OFDM Systems , 2017, IEEE Wireless Communications Letters.

[29]  Dongming Wang,et al.  Secure mobile crowdsensing based on deep learning , 2018, China Communications.

[30]  Yoshua Bengio,et al.  Random Search for Hyper-Parameter Optimization , 2012, J. Mach. Learn. Res..

[31]  Lara Dolecek,et al.  Detecting and Counteracting Statistical Attacks in Cooperative Spectrum Sensing , 2012, IEEE Transactions on Signal Processing.

[32]  Yao Zhao,et al.  Adversarial Attacks and Defences Competition , 2018, ArXiv.

[33]  T. Charles Clancy,et al.  Convolutional Radio Modulation Recognition Networks , 2016, EANN.

[34]  Liang Xiao,et al.  Anti-Jamming Underwater Transmission With Mobility and Learning , 2018, IEEE Communications Letters.

[35]  Yalin E. Sagduyu,et al.  Securing the Backpressure Algorithm for Wireless Networks , 2017, IEEE Transactions on Mobile Computing.

[36]  Weihua Zhuang,et al.  User-Centric View of Unmanned Aerial Vehicle Transmission Against Smart Attacks , 2018, IEEE Transactions on Vehicular Technology.

[37]  Liuqing Yang,et al.  Securing physical-layer communications for cognitive radio networks , 2015, IEEE Communications Magazine.

[38]  Walid Saad,et al.  Deep Learning for Signal Authentication and Security in Massive Internet-of-Things Systems , 2018, IEEE Transactions on Communications.

[39]  Christopher Leckie,et al.  Deep Learning Based Game-Theoretical Approach to Evade Jamming Attacks , 2018, GameSec.

[40]  Erik G. Larsson,et al.  Adversarial Attacks on Deep-Learning Based Radio Signal Classification , 2018, IEEE Wireless Communications Letters.

[41]  Anthony Ephremides,et al.  Jamming games in wireless networks with incomplete information , 2011, IEEE Communications Magazine.

[42]  R. Michael Buehrer,et al.  Evaluating Adversarial Evasion Attacks in the Context of Wireless Communications , 2019, IEEE Transactions on Information Forensics and Security.

[43]  Yi Liang,et al.  Deep Learning Based Inference of Private Information Using Embedded Sensors in Smart Devices , 2018, IEEE Network.

[44]  T. Charles Clancy,et al.  Security in Cognitive Radio Networks: Threats and Mitigation , 2008, 2008 3rd International Conference on Cognitive Radio Oriented Wireless Networks and Communications (CrownCom 2008).

[45]  Kemal Davaslioglu,et al.  Adversarial Deep Learning for Cognitive Radio Security: Jamming Attack and Defense Strategies , 2018, 2018 IEEE International Conference on Communications Workshops (ICC Workshops).

[46]  Fabio Roli,et al.  Evasion Attacks against Machine Learning at Test Time , 2013, ECML/PKDD.

[47]  Peter C. Mason,et al.  Defense against spectrum sensing data falsification attacks in mobile ad hoc networks with cognitive radios , 2009, MILCOM 2009 - 2009 IEEE Military Communications Conference.

[48]  Günes Karabulut-Kurt,et al.  Identification of Smart Jammers: Learning based Approaches Using Wavelet Representation , 2019, ArXiv.

[49]  Blaine Nelson,et al.  Poisoning Attacks against Support Vector Machines , 2012, ICML.