TY - GEN
T1 - A Robust Adversarial Network-Based End-to-End Communications System with Strong Generalization Ability Against Adversarial Attacks
AU - Dong, Yudi
AU - Wang, Huaxia
AU - Yao, Yu Dong
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - End-to-end learning of communications systems is a promising new paradigm for future communications, in which deep neural networks (DNNs) are implemented in the transmitter and receiver as an autoencoder architecture. However, due to DNN's natural vulnerability to adversarial perturbations, the end-to-end communications system exhibits security and robustness issues in terms of adversarial attacks over the air. The common defensive method, known as adversarial training, is to augment training data with adversarial perturbations, but it is hard to cover all possible perturbations and also hurt the system generalization. In this paper, we propose a novel and defensive mechanism based on a generative adversarial network (GAN) framework1 to achieve robust end-to-end learning of a communications system. We utilize a generative network to model a powerful adversary and enable the end-to-end communications system to combat the generative attack network via a minimax game. We show that the proposed system not only works well against white-box and black-box adversarial attacks but also possesses excellent generalization capabilities to maintain good performance under no attacks. The results also show that our GAN-based system outperforms the conventional communications system and the autoencoder communications system with/without adversarial training.
AB - End-to-end learning of communications systems is a promising new paradigm for future communications, in which deep neural networks (DNNs) are implemented in the transmitter and receiver as an autoencoder architecture. However, due to DNN's natural vulnerability to adversarial perturbations, the end-to-end communications system exhibits security and robustness issues in terms of adversarial attacks over the air. The common defensive method, known as adversarial training, is to augment training data with adversarial perturbations, but it is hard to cover all possible perturbations and also hurt the system generalization. In this paper, we propose a novel and defensive mechanism based on a generative adversarial network (GAN) framework1 to achieve robust end-to-end learning of a communications system. We utilize a generative network to model a powerful adversary and enable the end-to-end communications system to combat the generative attack network via a minimax game. We show that the proposed system not only works well against white-box and black-box adversarial attacks but also possesses excellent generalization capabilities to maintain good performance under no attacks. The results also show that our GAN-based system outperforms the conventional communications system and the autoencoder communications system with/without adversarial training.
KW - Adversarial attacks
KW - Adversarial networks
KW - Robust end-to-end learning
KW - Wireless communications security
UR - http://www.scopus.com/inward/record.url?scp=85137269272&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85137269272&partnerID=8YFLogxK
U2 - 10.1109/ICC45855.2022.9838452
DO - 10.1109/ICC45855.2022.9838452
M3 - Conference contribution
AN - SCOPUS:85137269272
T3 - IEEE International Conference on Communications
SP - 4086
EP - 4091
BT - ICC 2022 - IEEE International Conference on Communications
T2 - 2022 IEEE International Conference on Communications, ICC 2022
Y2 - 16 May 2022 through 20 May 2022
ER -