Signal identification attack defense method based on generative adversarial network

Abstract

A defense method based on generative adversarial network attacks comprises the following steps: 1) establishing an appropriate generative adversarial network structure GAN by using a long short term memory (LSTM) network; 2) pre-training a discrimination model in the structure; 3) according to the loss function of the generator G, training the generator G by taking the number of iterations as a limit and the convergence loss function as a purpose; 4) according to the loss function of the generator D, training the generator D by taking the number of iterations as a limit and the convergence loss function as a purpose; (5) repeating the steps (3) to (4), optimizing a generator and a discriminator in the generative adversarial network in turn, obtaining a better network structure by taking the number of iterations as an upper limit, and completing the generation of an optimal adversarial sample; 6) observing indexes of the adversarial samples and generating a large number of adversarial samples of different types of signals, and 7) adding some screened adversarial samples into a model training stage to achieve a defense effect on signal boundary exploration attacks.

Description

technical field [0001] The invention relates to a defense method against network attacks based on generation. Background technique [0002] Deep learning can obtain more accurate classification results than general algorithms by learning and calculating the potential connections of large amounts of data, and has powerful feature learning capabilities and feature expression capabilities. Therefore, deep learning technology is widely used in the field of artificial intelligence, including automatic driving technology, augmented reality technology, computer vision, biomedical diagnosis, natural language processing technology, etc. Deep learning uses neural networks with huge parameters, such as typical convolutional neural networks (CNN) and recurrent neural networks (RNN), for feature extraction, which can effectively complete the processing of image data and time series data. [0003] At present, deep learning technology has been more and more widely used in the field of rad...

AI Technical Summary

Problems solved by technology

Even with a well-trained deep learning model, in the face of some special subtle disturbances, if there is a misjudgment of classification, it is easy to seriously interfere with the identification of signal modulation types, resulting in errors in the extraction of important information in the signal and delays. Real-time communication, causing hidden dangers of signal transmission security issues

For example: In Meysam Sadeghi, Erik G.Larsson's "Adversarial Attacks on Deep-Learning Based Radio Signal Classification" article, it is mentioned in detail that the black-box and white-box attack methods of the radio signal modulation type recognition model based on deep learning , the radio signal modulation type recognition model based on the deep learning model is prone to adversarial attacks from adversarial samples, which greatly reduces the recognition accuracy. Therefore, there is a greater security in applying the deep learning model to the field of radio signal modulation type recognition. Hidden danger

Images