Adversarial jamming attacks and defense strategies via adaptive deep reinforcement learning
This addresses security concerns for wireless communication systems using DRL, but it is incremental as it builds on existing adversarial attack and defense frameworks in DRL.
The paper tackles the vulnerability of deep reinforcement learning (DRL)-based wireless communication strategies to adversarial jamming attacks by modeling both victim and attacker as DRL agents that adapt to each other, and it proposes three defense strategies that improve the victim's decision-making accuracy, with evaluations showing performance gains.
As the applications of deep reinforcement learning (DRL) in wireless communications grow, sensitivity of DRL based wireless communication strategies against adversarial attacks has started to draw increasing attention. In order to address such sensitivity and alleviate the resulting security concerns, we in this paper consider a victim user that performs DRL-based dynamic channel access, and an attacker that executes DRLbased jamming attacks to disrupt the victim. Hence, both the victim and attacker are DRL agents and can interact with each other, retrain their models, and adapt to opponents' policies. In this setting, we initially develop an adversarial jamming attack policy that aims at minimizing the accuracy of victim's decision making on dynamic channel access. Subsequently, we devise defense strategies against such an attacker, and propose three defense strategies, namely diversified defense with proportional-integral-derivative (PID) control, diversified defense with an imitation attacker, and defense via orthogonal policies. We design these strategies to maximize the attacked victim's accuracy and evaluate their performances.