Countermeasures Against Adversarial Examples in Radio Signal Classification
This work addresses security threats in wireless networks by protecting modulation classification systems from adversarial attacks, representing an incremental improvement in countermeasure methods.
The paper tackles the vulnerability of deep learning-based modulation classification systems to adversarial examples by proposing a neural rejection technique augmented with label smoothing and Gaussian noise injection, achieving high accuracy in detecting and rejecting such attacks.
Deep learning algorithms have been shown to be powerful in many communication network design problems, including that in automatic modulation classification. However, they are vulnerable to carefully crafted attacks called adversarial examples. Hence, the reliance of wireless networks on deep learning algorithms poses a serious threat to the security and operation of wireless networks. In this letter, we propose for the first time a countermeasure against adversarial examples in modulation classification. Our countermeasure is based on a neural rejection technique, augmented by label smoothing and Gaussian noise injection, that allows to detect and reject adversarial examples with high accuracy. Our results demonstrate that the proposed countermeasure can protect deep-learning based modulation classification systems against adversarial examples.