
Data-Driven Subsampling in the Presence of an Adversarial Actor

Abu Shafin Mohammad Mahdee Jameel, Ahmed P. Mohamed, Jinho Yi, Aly El Gamal, Akshay Malhotra

TL;DR

This work investigates adversarial robustness in automatic modulation classification (AMC) when using data-driven subsampling. It couples a deep modulation classifier with multiple subsampling schemes, including an ensemble (Holistic) approach, and evaluates resilience under threat models that include attackers with varying knowledge of the classifier and subsampler, via a CW $L_\infty$ adversarial framework on the RML22 dataset. A key finding is that subsampling provides inherent robustness to adversarial perturbations, with the ResNet-based subsampler offering the strongest protection across signal-to-noise conditions; securing and potentially randomizing the subsampler choice further enhances defense. The results suggest practical design strategies for robust, computation-efficient DL-based AMC and have implications for other resource-constrained, adversarially-aware DL systems.

Abstract

Deep learning based automatic modulation classification (AMC) has received significant attention owing to its potential applications in both military and civilian use cases. Recently, data-driven subsampling techniques have been utilized to overcome the challenges associated with computational complexity and training time for AMC. Beyond these direct advantages of data-driven subsampling, these methods also have regularizing properties that may improve the adversarial robustness of the modulation classifier. In this paper, we investigate the effects of an adversarial attack on an AMC system that employs deep learning models both for AMC and for subsampling. Our analysis shows that subsampling itself is an effective deterrent to adversarial attacks. We also uncover the most efficient subsampling strategy when an adversarial attack on both the classifier and the subsampler is anticipated.

Paper Structure (20 sections, 2 equations, 5 figures, 2 tables)

Figures (5)

  • Figure 1: Architecture of the classifier network.
  • Figure 2: A typical communication scenario with an adversarial actor. (A) represents the base station. (B), (C), and (D) are indoor, outdoor, and vehicular User Equipment (UE), respectively. (E) is an adversarial base station that has the capability to intercept, modify and re-transmit data coming from (A).
  • Figure 3: Possible communication scenarios from the base station to a UE in the presence of an adversarial actor: (A) No Attack, (B) Mod Attack, (C) Mod+SubSamp Attack.
  • Figure 4: Comparison of classification accuracy for no subsampling vs. the ResNet subsampler ($\frac{1}{2}$ subsampling rate), in the presence of both Mod Attack and Mod+SubSamp Attack. The inset shows the accuracy difference between the no-subsampling and subsampler scenarios for different attack conditions.
  • Figure 5: Performance of different subsamplers under Mod Attack and Mod+SubSamp Attack.