HyperAdv: Dynamic Defense Against Adversarial Radio Frequency Machine Learning Systems

Radio Frequency Machine Learning Systems (RFMLS) have attracted increasing interest over the past few years. However, it has been demonstrated that RFMLS are vulnerable to Adversarial Machine Learning (AML). While AML has been extensively investigated in traditional domains, current state of the art...

Full description

Saved in:
Bibliographic Details
Main Authors: Zhang, Milin, De Lucia, Michael, Swami, Ananthram, Ashdown, Jonathan, Turck, Kurt, Restuccia, Francesco
Format: Conference Proceeding
Language:English
Subjects:
Accuracy
Adversarial machine learning
Artificial neural networks
Ensemble learning
Military communication
Robustness
Training
Wireless communication
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 826
container_issue
container_start_page 821
container_title
container_volume
creator Zhang, Milin
De Lucia, Michael
Swami, Ananthram
Ashdown, Jonathan
Turck, Kurt
Restuccia, Francesco
description Radio Frequency Machine Learning Systems (RFMLS) have attracted increasing interest over the past few years. However, it has been demonstrated that RFMLS are vulnerable to Adversarial Machine Learning (AML). While AML has been extensively investigated in traditional domains, current state of the art often compromises the performance on benign data or introduces excessive computational overhead. As such, it cannot meet the strict requirements of tactical RFMLS. In this paper, we propose a novel defense approach based on dynamic adaptation of Deep Neural Network (DNN). Specifically, we leverage a hypernetwork to dynamically generate diverse parameters for a target DNN during inference. In addition, an ensemble learning and multi-stage training framework is proposed to train such a hypernetwork. Experimental results show that the proposed defense can increase the accuracy on adversarial examples by 48% and 16% in comparison to naturally trained DNN and defensive training strategies, respectively.
doi_str_mv 10.1109/MILCOM61039.2024.10773813
format conference_proceeding
fullrecord <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_10773813</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10773813</ieee_id><sourcerecordid>10773813</sourcerecordid><originalsourceid>FETCH-ieee_primary_107738133</originalsourceid><addsrcrecordid>eNqFzsFOAjEQgOFiYgLRfQMO4wOwzrTsduuNgAQTNiZqvJLJMkANW7FFk769HvTs6T98l1-pG8KSCN1t-7CeP7Y1oXGlRj0tCa01DZmBKpx1janQ2Kk2eKFGmqpqYqumHqoipTdEJN3U2tFIva7ySeJs-3UHixy49x0sZCchCcz27EM6ww9KTBw9H-GJt_4dllE-PiV0GVruDj4IrIVj8GEPzzmdpU_X6nLHxyTFb6_UeHn_Ml9NvIhsTtH3HPPmb9n8w9_I5kVF</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>HyperAdv: Dynamic Defense Against Adversarial Radio Frequency Machine Learning Systems</title><source>IEEE Xplore All Conference Series</source><creator>Zhang, Milin ; De Lucia, Michael ; Swami, Ananthram ; Ashdown, Jonathan ; Turck, Kurt ; Restuccia, Francesco</creator><creatorcontrib>Zhang, Milin ; De Lucia, Michael ; Swami, Ananthram ; Ashdown, Jonathan ; Turck, Kurt ; Restuccia, Francesco</creatorcontrib><description>Radio Frequency Machine Learning Systems (RFMLS) have attracted increasing interest over the past few years. However, it has been demonstrated that RFMLS are vulnerable to Adversarial Machine Learning (AML). While AML has been extensively investigated in traditional domains, current state of the art often compromises the performance on benign data or introduces excessive computational overhead. As such, it cannot meet the strict requirements of tactical RFMLS. In this paper, we propose a novel defense approach based on dynamic adaptation of Deep Neural Network (DNN). Specifically, we leverage a hypernetwork to dynamically generate diverse parameters for a target DNN during inference. In addition, an ensemble learning and multi-stage training framework is proposed to train such a hypernetwork. Experimental results show that the proposed defense can increase the accuracy on adversarial examples by 48% and 16% in comparison to naturally trained DNN and defensive training strategies, respectively.</description><identifier>EISSN: 2155-7586</identifier><identifier>EISBN: 9798350374230</identifier><identifier>DOI: 10.1109/MILCOM61039.2024.10773813</identifier><language>eng</language><publisher>IEEE</publisher><subject>Accuracy ; Adversarial machine learning ; Artificial neural networks ; Ensemble learning ; Military communication ; Robustness ; Training ; Wireless communication</subject><ispartof>MILCOM IEEE Military Communications Conference, 2024, p.821-826</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10773813$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,27904,54533,54910</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10773813$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Zhang, Milin</creatorcontrib><creatorcontrib>De Lucia, Michael</creatorcontrib><creatorcontrib>Swami, Ananthram</creatorcontrib><creatorcontrib>Ashdown, Jonathan</creatorcontrib><creatorcontrib>Turck, Kurt</creatorcontrib><creatorcontrib>Restuccia, Francesco</creatorcontrib><title>HyperAdv: Dynamic Defense Against Adversarial Radio Frequency Machine Learning Systems</title><title>MILCOM IEEE Military Communications Conference</title><addtitle>MILCOM</addtitle><description>Radio Frequency Machine Learning Systems (RFMLS) have attracted increasing interest over the past few years. However, it has been demonstrated that RFMLS are vulnerable to Adversarial Machine Learning (AML). While AML has been extensively investigated in traditional domains, current state of the art often compromises the performance on benign data or introduces excessive computational overhead. As such, it cannot meet the strict requirements of tactical RFMLS. In this paper, we propose a novel defense approach based on dynamic adaptation of Deep Neural Network (DNN). Specifically, we leverage a hypernetwork to dynamically generate diverse parameters for a target DNN during inference. In addition, an ensemble learning and multi-stage training framework is proposed to train such a hypernetwork. Experimental results show that the proposed defense can increase the accuracy on adversarial examples by 48% and 16% in comparison to naturally trained DNN and defensive training strategies, respectively.</description><subject>Accuracy</subject><subject>Adversarial machine learning</subject><subject>Artificial neural networks</subject><subject>Ensemble learning</subject><subject>Military communication</subject><subject>Robustness</subject><subject>Training</subject><subject>Wireless communication</subject><issn>2155-7586</issn><isbn>9798350374230</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2024</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNqFzsFOAjEQgOFiYgLRfQMO4wOwzrTsduuNgAQTNiZqvJLJMkANW7FFk769HvTs6T98l1-pG8KSCN1t-7CeP7Y1oXGlRj0tCa01DZmBKpx1janQ2Kk2eKFGmqpqYqumHqoipTdEJN3U2tFIva7ySeJs-3UHixy49x0sZCchCcz27EM6ww9KTBw9H-GJt_4dllE-PiV0GVruDj4IrIVj8GEPzzmdpU_X6nLHxyTFb6_UeHn_Ml9NvIhsTtH3HPPmb9n8w9_I5kVF</recordid><startdate>20241028</startdate><enddate>20241028</enddate><creator>Zhang, Milin</creator><creator>De Lucia, Michael</creator><creator>Swami, Ananthram</creator><creator>Ashdown, Jonathan</creator><creator>Turck, Kurt</creator><creator>Restuccia, Francesco</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>20241028</creationdate><title>HyperAdv: Dynamic Defense Against Adversarial Radio Frequency Machine Learning Systems</title><author>Zhang, Milin ; De Lucia, Michael ; Swami, Ananthram ; Ashdown, Jonathan ; Turck, Kurt ; Restuccia, Francesco</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-ieee_primary_107738133</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Accuracy</topic><topic>Adversarial machine learning</topic><topic>Artificial neural networks</topic><topic>Ensemble learning</topic><topic>Military communication</topic><topic>Robustness</topic><topic>Training</topic><topic>Wireless communication</topic><toplevel>online_resources</toplevel><creatorcontrib>Zhang, Milin</creatorcontrib><creatorcontrib>De Lucia, Michael</creatorcontrib><creatorcontrib>Swami, Ananthram</creatorcontrib><creatorcontrib>Ashdown, Jonathan</creatorcontrib><creatorcontrib>Turck, Kurt</creatorcontrib><creatorcontrib>Restuccia, Francesco</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Zhang, Milin</au><au>De Lucia, Michael</au><au>Swami, Ananthram</au><au>Ashdown, Jonathan</au><au>Turck, Kurt</au><au>Restuccia, Francesco</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>HyperAdv: Dynamic Defense Against Adversarial Radio Frequency Machine Learning Systems</atitle><btitle>MILCOM IEEE Military Communications Conference</btitle><stitle>MILCOM</stitle><date>2024-10-28</date><risdate>2024</risdate><spage>821</spage><epage>826</epage><pages>821-826</pages><eissn>2155-7586</eissn><eisbn>9798350374230</eisbn><abstract>Radio Frequency Machine Learning Systems (RFMLS) have attracted increasing interest over the past few years. However, it has been demonstrated that RFMLS are vulnerable to Adversarial Machine Learning (AML). While AML has been extensively investigated in traditional domains, current state of the art often compromises the performance on benign data or introduces excessive computational overhead. As such, it cannot meet the strict requirements of tactical RFMLS. In this paper, we propose a novel defense approach based on dynamic adaptation of Deep Neural Network (DNN). Specifically, we leverage a hypernetwork to dynamically generate diverse parameters for a target DNN during inference. In addition, an ensemble learning and multi-stage training framework is proposed to train such a hypernetwork. Experimental results show that the proposed defense can increase the accuracy on adversarial examples by 48% and 16% in comparison to naturally trained DNN and defensive training strategies, respectively.</abstract><pub>IEEE</pub><doi>10.1109/MILCOM61039.2024.10773813</doi></addata></record>
fulltext fulltext_linktorsrc
identifier EISSN: 2155-7586
ispartof MILCOM IEEE Military Communications Conference, 2024, p.821-826
issn 2155-7586
language eng
recordid cdi_ieee_primary_10773813
source IEEE Xplore All Conference Series
subjects Accuracy
Adversarial machine learning
Artificial neural networks
Ensemble learning
Military communication
Robustness
Training
Wireless communication
title HyperAdv: Dynamic Defense Against Adversarial Radio Frequency Machine Learning Systems
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-23T12%3A11%3A27IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=HyperAdv:%20Dynamic%20Defense%20Against%20Adversarial%20Radio%20Frequency%20Machine%20Learning%20Systems&rft.btitle=MILCOM%20IEEE%20Military%20Communications%20Conference&rft.au=Zhang,%20Milin&rft.date=2024-10-28&rft.spage=821&rft.epage=826&rft.pages=821-826&rft.eissn=2155-7586&rft_id=info:doi/10.1109/MILCOM61039.2024.10773813&rft.eisbn=9798350374230&rft_dat=%3Cieee_CHZPO%3E10773813%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-ieee_primary_107738133%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=10773813&rfr_iscdi=true