Skip to main content
SpringerLink
Log in

Momentum-Based Adversarial Attacks Against End-to-End Communication Systems

  • Conference paper
  • First Online:
Wireless and Satellite Systems (WiSATS 2021)

Included in the following conference series:

Abstract

Deep learning (DL) based communication system is a promising novel architecture to implement end-to-end optimization compared with conventional block-separated optimization schemes. However, the vulnerability to adversarial examples of deep neural networks poses significant security concern on the end-to-end communication systems. Adversarial attacks serve as a fundamental surrogate to evaluate the robustness of the DL-based communication systems before they are deployed. Specifically, we propose a new adversarial attack method with momentum iterative gradient against the end-to-end communication systems. For targeted attacks, embedding the momentum term in the iterative process can help loss function stabilize the update direction and avoid getting stuck in saddle points and poor local minima. Therefore, the momentum-based method can enhance the effectiveness without losing the transferability of adversarial attacks. Numerous simulation results illustrate that the proposed method can achieve superior block error rate compared with traditional jamming attacks and no momentum accumulated adversarial attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 109.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 139.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. O’Shea, T., Hoydis, J.: An introduction to deep learning for the physical layer. IEEE Trans. Cognit. Commun. Netw. 3(4), 563–575 (2017). https://doi.org/10.1109/TCCN.2017.2758370

    Article  Google Scholar 

  2. Dörner, S., Cammerer, S., Hoydis, J., Brink, S.t.: Deep learning based communication over the air. IEEE J. Sel. Top. Signal Process. 12(1), 132–143 (2018). https://doi.org/10.1109/JSTSP.2017.2784180

  3. Ye, H., Liang, L., Li, G.Y., Juang, B.H.: Deep learning-based end-to-end wireless communication systems with conditional gans as unknown channels. IEEE Trans. Wirel. Commun. 19(5), 3133–3143 (2020). https://doi.org/10.1109/TWC.2020.2970707

    Article  Google Scholar 

  4. Chen, X., Cheng, J., Zhang, Z., Wu, L., Dang, J., Wang, J.: Data-rate driven transmission strategies for deep learning-based communication systems. IEEE Trans. Commun. 68(4), 2129–2142 (2020). https://doi.org/10.1109/TCOMM.2020.2968314

    Article  Google Scholar 

  5. Ye, H., Li, G.Y., Juang, B.H.F.: Deep learning based end-to-end wireless communication systems without pilots. IEEE Trans. Cognit. Commun. Netw. 1 (2021). https://doi.org/10.1109/TCCN.2021.3061464

  6. Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572 (2014)

  7. Szegedy, C., et al.: Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 (2013)

  8. Sadeghi, M., Larsson, E.G.: Physical adversarial attacks against end-to-end autoencoder communication systems. IEEE Commun. Lett. 23(5), 847–850 (2019). https://doi.org/10.1109/LCOMM.2019.2901469

    Article  Google Scholar 

  9. Sadeghi, M., Larsson, E.G.: Adversarial attacks on deep-learning based radio signal classification. IEEE Wirel. Commun. Lett. 8(1), 213–216 (2019). https://doi.org/10.1109/LWC.2018.2867459

    Article  Google Scholar 

  10. Kurakin, A., Goodfellow, I., Bengio, S.: Adversarial machine learning at scale. arXiv preprint arXiv:1611.01236 (2016)

  11. Goodfellow, I., Bengio, Y., Courville, A., Bengio, Y.: Deep Learning, vol. 1. MIT press, Cambridge (2016)

    Google Scholar 

  12. Polyak, B.T.: Some methods of speeding up the convergence of iteration methods. USSR Comput. Math. Math. Phys. 4(5), 1–17 (1964)

    Article  Google Scholar 

  13. Dong, Y., et al.: Boosting adversarial attacks with momentum. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 9185–9193 (2018)

    Google Scholar 

  14. Duch, W., Korczak, J.: Optimization and global minimization methods suitable for neural networks. Neural Comput. Surv. 2, 163–212 (1998)

    Google Scholar 

  15. Sutskever, I., Martens, J., Dahl, G., Hinton, G.: On the importance of initialization and momentum in deep learning. In: International Conference on Machine Learning, pp. 1139–1147. PMLR (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Communication Research Center, Harbin Institute of Technology, Harbin, China

    Qiuna Zhang, Yongkui Ma, Honglin Zhao, Chengzhao Shan & Jiayan Zhang

Authors
  1. Qiuna Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yongkui Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Honglin Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chengzhao Shan
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jiayan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Honglin Zhao .

Editor information

Editors and Affiliations

  1. Harbin Institute of Technology, Harbin, China

    Qing Guo

  2. Harbin Institute of Technology, Harbin, China

    Weixiao Meng

  3. Harbin Institute of Technology, Harbin, China

    Min Jia

  4. Harbin University of Science and Technology, Harbin, China

    Xue Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2022 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Zhang, Q., Ma, Y., Zhao, H., Shan, C., Zhang, J. (2022). Momentum-Based Adversarial Attacks Against End-to-End Communication Systems. In: Guo, Q., Meng, W., Jia, M., Wang, X. (eds) Wireless and Satellite Systems. WiSATS 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 410. Springer, Cham. https://doi.org/10.1007/978-3-030-93398-2_48

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-93398-2_48

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-93397-5

  • Online ISBN: 978-3-030-93398-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation