MEMBERSHIP INFERENCE ATTACK AND DEFENSE FOR WIRELESS SIGNAL CLASSIFIERS WITH DEEP LEARNING
Authors:
L.C. Usha Maheswari, K. Samatha, K. Akhila
Page No: 698-706
Abstract:
Wireless Membership Inference Attack (MIA) is presented to leak private information from wireless signal classifiers. Machine learning (ML) provides a powerful means to classify wireless signals. For PHY-layer authentication. As an adversarial machine learning attack, MIA infers whether a signal of interest is used in the training data of a target classifier. This private information includes waveform, channel, and device characteristics, which, if leaked, can be exploited by an attacker to identify vulnerabilities in the underlying ML model (e.g., penetrating PHY-layer authentication). The challenge with wireless MIA is that the received signal, and therefore the RF fingerprint, differs between the attacker and the intended receiver due to mismatched channel conditions. Therefore, an attacker first observes the spectrum and builds a surrogate classifier, and then launches black-box MIA on this classifier. The MIA results show that the attacker can reliably infer the signals (and possibly radio and channel information) used to build the target classifier. Therefore, an active defense against MIA is developed by building a shadow MIA model and deceiving the attacker. This defense can reduce the accuracy of MIA and prevent information leakage from the radio signal classifier.
Description:
.
Volume & Issue
Volume-13,ISSUE-12
Keywords
Keywords-Wireless Membership Inference Attack (MIA), PHY-layer Authentication, Radio Signal Classifier, Adversarial Machine Learning