Robust Generative Defense Against Adversarial Attacks in Intelligent Modulation Recognition

Abstract

Deep neural network (DNN) greatly improves the efficiency of modulation recognition in wireless communication, but it also suffers from attacks. Generative artificial intelligence (GAI) possesses powerful data generation capabilities, which can be used to defend against attacks in modulation recognition. In practical scenarios, black box attack can be implemented without information on the model. This is a great security threat. The existing defense methods are difficult to improve the robustness of the model while ensuring the recognition accuracy of the original signals. Therefore, this paper uses GAI to propose an adversarial decoupled defense method to protect modulation recognition. Firstly, for weak adversarial perturbations, the empirical mode decomposition (EMD) is used to highlight the high-frequency features in the signal, and the adversary detector is designed to detect the suspiciousness. Then, the signal is regenerated based on the generative adversarial network (GAN) to weaken the antagonism in the example. Further, the traditional adversarial training is decoupled into an original branch and an adversarial branch, and the outputs of the two branches are fused according to the suspiciousness. Simulation results show that the proposed defense method has high recognition accuracy for both original examples and adversarial examples even under attacks, and can effectively improve the robustness of the intelligent recognition model.