Loughborough University
Browse

Adversarial learning for wireless communications

Download (9.25 MB)
thesis
posted on 2023-02-24, 10:09 authored by Lu Zhang

Deep learning algorithms have been shown to be powerful in many communication network design problems, including that in automatic modulation classification and power allocation in massive MIMO network. However, they are vulnerable to carefully crafted attacks called adversarial examples. Hence, the reliance of wireless networks on deep learning algorithms poses a serious threat to the security and operation of wireless networks. It is of great importance to develop defenses against adversarial attacks in these wireless communication tasks.

In this thesis, several countermeasures are proposed against adversarial attacks in automatic modulation classification and power allocation in massive MIMO network.

A neural rejection technique is first proposed against adversarial attacks generated using fast gradient method and universal adversarial perturbations in modulation classification. Then three countermeasures are proposed based on neural rejection to further enhance the performance. The first defense is based on distillation and an ensemble model, and the second considers label smoothing and Gaussian noise augmentation technique. The third one integrates the adversarial training and label smoothing. The proposed methods can protect DNN from any impact caused by the white-box projected gradient descent attacks. Furthermore, a novel compact transformer is proposed which transfers the adversarial attention map from the robustly trained large transformer to a compact transformer. The proposed compact transformer method outperforms the state-of-the-art techniques for the considered white-box scenarios. Finally, a defense system called noise-augmented neural network is investigated to mitigate the effect of adversarial attacks in power allocation problems in massive multiple-input and multiple-output networks. Its performance against white-box fast gradient sign attacks and projected gradient descent attacks is evaluated.

History

School

  • Mechanical, Electrical and Manufacturing Engineering

Publisher

Loughborough University

Rights holder

© Lu Zhang

Publication date

2023

Notes

A Doctoral Thesis. Submitted in partial fulfilment of the requirements for the award of the degree of Doctor of Philosophy of Loughborough University.

Language

  • en

Supervisor(s)

Sangarapillai Lambotharan ; Gan Zheng

Qualification name

  • PhD

Qualification level

  • Doctoral

This submission includes a signed certificate in addition to the thesis file(s)

  • I have submitted a signed certificate

Usage metrics

    Mechanical, Electrical and Manufacturing Engineering Theses

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC