Membership Inference Attack and Defense for Wireless Signal Classifiers with Deep Learning

07/22/2021
by   Yi Shi, et al.
0

An over-the-air membership inference attack (MIA) is presented to leak private information from a wireless signal classifier. Machine learning (ML) provides powerful means to classify wireless signals, e.g., for PHY-layer authentication. As an adversarial machine learning attack, the MIA infers whether a signal of interest has been used in the training data of a target classifier. This private information incorporates waveform, channel, and device characteristics, and if leaked, can be exploited by an adversary to identify vulnerabilities of the underlying ML model (e.g., to infiltrate the PHY-layer authentication). One challenge for the over-the-air MIA is that the received signals and consequently the RF fingerprints at the adversary and the intended receiver differ due to the discrepancy in channel conditions. Therefore, the adversary first builds a surrogate classifier by observing the spectrum and then launches the black-box MIA on this classifier. The MIA results show that the adversary can reliably infer signals (and potentially the radio and channel information) used to build the target classifier. Therefore, a proactive defense is developed against the MIA by building a shadow MIA model and fooling the adversary. This defense can successfully reduce the MIA accuracy and prevent information leakage from the wireless signal classifier.

READ FULL TEXT
research
06/25/2020

Over-the-Air Membership Inference Attacks as Privacy Threats for Deep Learning-based Wireless Signal Classifiers

This paper presents how to leak private information from a wireless sign...
research
10/23/2019

Trojan Attacks on Wireless Signal Classification with Adversarial Machine Learning

We present a Trojan (backdoor or trapdoor) attack that targets deep lear...
research
05/03/2019

Generative Adversarial Network for Wireless Signal Spoofing

The paper presents a novel approach of spoofing wireless signals by usin...
research
11/22/2022

SoK: Inference Attacks and Defenses in Human-Centered Wireless Sensing

Human-centered wireless sensing aims to understand the fine-grained envi...
research
07/16/2020

Generative Adversarial Network in the Air: Deep Adversarial Learning for Wireless Signal Spoofing

The spoofing attack is critical to bypass physical-layer signal authenti...
research
08/09/2022

Adversarial Machine Learning-Based Anticipation of Threats Against Vehicle-to-Microgrid Services

In this paper, we study the expanding attack surface of Adversarial Mach...
research
12/03/2020

Channel Effects on Surrogate Models of Adversarial Attacks against Wireless Signal Classifiers

We consider a wireless communication system that consists of a backgroun...

Please sign up or login with your details

Forgot password? Click here to reset