Explanation-Guided Backdoor Attacks Against Model-Agnostic RF Fingerprinting Systems

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Mobile Computing Pub Date : 2024-10-30 DOI:10.1109/TMC.2024.3487967

Tianya Zhao;Junqing Zhang;Shiwen Mao;Xuyu Wang

{"title":"Explanation-Guided Backdoor Attacks Against Model-Agnostic RF Fingerprinting Systems","authors":"Tianya Zhao;Junqing Zhang;Shiwen Mao;Xuyu Wang","doi":"10.1109/TMC.2024.3487967","DOIUrl":null,"url":null,"abstract":"Despite the proven capabilities of deep neural networks (DNNs) in identifying devices through radio frequency (RF) fingerprinting, the security vulnerabilities of these deep learning models have been largely overlooked. While the threat of backdoor attacks is well-studied in the image domain, few works have explored this threat in the context of RF signals. In this paper, we thoroughly analyze the susceptibility of DNN-based RF fingerprinting to backdoor attacks, focusing on a more practical scenario where attackers lack access to control model gradients and training processes. We propose leveraging explainable machine learning techniques and autoencoders to guide the selection of trigger positions and values, allowing for the creation of effective backdoor triggers in a model-agnostic manner. To comprehensively evaluate this backdoor attack, we employ four diverse datasets with two protocols (Wi-Fi and LoRa) across various DNN architectures. Given that RF signals are often transformed into the frequency or time-frequency domains, this study also assesses attack efficacy in the time-frequency domain. Furthermore, we experiment with potential detection and defense methods, demonstrating the difficulty of fully safeguarding against our proposed backdoor attack. Additionally, we consider the attack performance in the domain shift case.","PeriodicalId":50389,"journal":{"name":"IEEE Transactions on Mobile Computing","volume":"24 3","pages":"2029-2042"},"PeriodicalIF":7.7000,"publicationDate":"2024-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10738467/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Despite the proven capabilities of deep neural networks (DNNs) in identifying devices through radio frequency (RF) fingerprinting, the security vulnerabilities of these deep learning models have been largely overlooked. While the threat of backdoor attacks is well-studied in the image domain, few works have explored this threat in the context of RF signals. In this paper, we thoroughly analyze the susceptibility of DNN-based RF fingerprinting to backdoor attacks, focusing on a more practical scenario where attackers lack access to control model gradients and training processes. We propose leveraging explainable machine learning techniques and autoencoders to guide the selection of trigger positions and values, allowing for the creation of effective backdoor triggers in a model-agnostic manner. To comprehensively evaluate this backdoor attack, we employ four diverse datasets with two protocols (Wi-Fi and LoRa) across various DNN architectures. Given that RF signals are often transformed into the frequency or time-frequency domains, this study also assesses attack efficacy in the time-frequency domain. Furthermore, we experiment with potential detection and defense methods, demonstrating the difficulty of fully safeguarding against our proposed backdoor attack. Additionally, we consider the attack performance in the domain shift case.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Mobile Computing 工程技术-电信学

CiteScore

12.90

自引率

2.50%

发文量

403

审稿时长

6.6 months

期刊介绍： IEEE Transactions on Mobile Computing addresses key technical issues related to various aspects of mobile computing. This includes (a) architectures, (b) support services, (c) algorithm/protocol design and analysis, (d) mobile environments, (e) mobile communication systems, (f) applications, and (g) emerging technologies. Topics of interest span a wide range, covering aspects like mobile networks and hosts, mobility management, multimedia, operating system support, power management, online and mobile environments, security, scalability, reliability, and emerging technologies such as wearable computers, body area networks, and wireless sensor networks. The journal serves as a comprehensive platform for advancements in mobile computing research.