liu.seSearch for publications in DiVA
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training
Linköping University, Department of Electrical Engineering, Communication Systems. Linköping University, Faculty of Science & Engineering. Indian Inst Technol Guwahati, India.
Linköping University, Department of Electrical Engineering, Communication Systems. Linköping University, Faculty of Science & Engineering.
Linköping University, Department of Electrical Engineering, Communication Systems. Linköping University, Faculty of Science & Engineering.ORCID iD: 0000-0002-7599-4367
2022 (English)In: IEEE Transactions on Cognitive Communications and Networking, E-ISSN 2332-7731, Vol. 8, no 2, p. 707-719Article in journal (Refereed) Published
Abstract [en]

The successful emergence of deep learning (DL) in wireless system applications has raised concerns about new security-related challenges. One such security challenge is adversarial attacks. Although there has been much work demonstrating the susceptibility of DL-based classification tasks to adversarial attacks, regression-based problems in the context of a wireless system have not been studied so far from an attack perspective. The aim of this paper is twofold: (i) we consider a regression problem in a wireless setting and show that adversarial attacks can break the DL-based approach and (ii) we analyze the effectiveness of adversarial training as a defensive technique in adversarial settings and show that the robustness of DL-based wireless system against attacks improves significantly. Specifically, the wireless application considered in this paper is the DL-based power allocation in the downlink of a multicell massive multi-input-multi-output system, where the goal of the attack is to yield an infeasible solution by the DL model. We extend the gradient-based adversarial attacks: fast gradient sign method (FGSM), momentum iterative FGSM, and projected gradient descent method to analyze the susceptibility of the considered wireless application with and without adversarial training. We analyze the deep neural network (DNN) models performance against these attacks, where the adversarial perturbations are crafted using both the white-box and black-box attacks.

Place, publisher, year, edition, pages
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC , 2022. Vol. 8, no 2, p. 707-719
Keywords [en]
Adversarial attacks; adversarial training; black-box attack; deep neural networks; massive MIMO; regression; white-box attack
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:liu:diva-186154DOI: 10.1109/TCCN.2022.3147203ISI: 000808086800023OAI: oai:DiVA.org:liu-186154DiVA, id: diva2:1674751
Note

Funding Agencies|Security-Link; SSF SURPRISE project

Available from: 2022-06-22 Created: 2022-06-22 Last updated: 2023-01-25

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Search in DiVA

By author/editor
Manoj, B. R.Sadeghi, MeysamLarsson, Erik G
By organisation
Communication SystemsFaculty of Science & Engineering
In the same journal
IEEE Transactions on Cognitive Communications and Networking
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 31 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf