SpringerLink
Log in

On Protection of the Next-Generation Mobile Networks Against Adversarial Examples

  • Chapter
  • First Online:
Artificial Intelligence for Security

  • 43 Accesses

Abstract

As artificial intelligence (AI) has become an integral part of modern mobile networks, there is an increasing concern about vulnerabilities of intelligent machine learning (ML)-driven network components to adversarial effects. Due to the shared nature of wireless mediums, these components may be susceptible to sophisticated attacks that can manipulate the training and inference processes of the AI/ML models over the air. In our research, we focus on adversarial example attacks. During such an attack, an adversary aims to supply intelligently crafted input features to the target model so that it outputs a certain wrong result. This type of attack is the most realistic threat to the AI/ML models deployed in a 5G network since it takes place in the inference stage and therefore does not require having access to either the target model or the datasets during the training. In this study, we first provide experimental results for multiple use cases in order to demonstrate that such an attack approach can be carried out against various AI/ML-driven frameworks which might be present in the mobile network. After that, we discuss the defence mechanisms service providers may employ in order to protect the target network from adversarial effects.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
EUR 29.95
Price includes VAT (France)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
EUR 154.07
Price includes VAT (France)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
EUR 189.89
Price includes VAT (France)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Alkhateeb, A.: Deepmimo: A generic deep learning dataset for millimeter wave and massive MIMO applications. ar**v:1902.06435 (2019)

    Google Scholar 

  2. Alrabeiah, M., Alkhateeb, A.: Deep learning for TDD and FDD massive MIMO: Map** channels in space and frequency. In: 2019 53rd Asilomar Conference on Signals, Systems, and Computers, pp. 1465–1470. IEEE, Piscataway (2019)

    Google Scholar 

  3. Alrabeiah, M., Alkhateeb, A.: Deep learning for mmWave beam and blockage prediction using sub-6 GHz channels. IEEE Trans. Commun. 68(9), 5504–5518 (2020)

    Article  Google Scholar 

  4. Alzantot, M., Sharma, Y., Chakraborty, S., Zhang, H., Hsieh, C.J., Srivastava, M.B.: Genattack: Practical black-box attacks with gradient-free optimization. In: Proceedings of the Genetic and Evolutionary Computation Conference, pp. 1111–1119 (2019)

    Google Scholar 

  5. Brendel, W., Rauber, J., Bethge, M.: Decision-based adversarial attacks: Reliable attacks against black-box machine learning models. ar**v:1712.04248 (2017)

    Google Scholar 

  6. Cao, G., Lu, Z., Wen, X., Lei, T., Hu, Z.: Aif: an artificial intelligence framework for smart wireless network management. IEEE Commun. Lett. 22(2), 400–403 (2018). https://doi.org/10.1109/LCOMM.2017.2776917

    Article  Google Scholar 

  7. Catak, E., Catak, F.O., Moldsvor, A.: Adversarial machine learning security problems for 6G: mmWave beam prediction use-case. ar**v:2103.07268 (2021)

    Google Scholar 

  8. Chen, M., Saad, W., Yin, C., Debbah, M.: Echo state networks for proactive caching in cloud-based radio access networks with mobile users. IEEE Trans. Wirel. Commun. 16(6), 3520–3535 (2017). https://doi.org/10.1109/TWC.2017.2683482

    Article  Google Scholar 

  9. Chen, J., Jordan, M.I., Wainwright, M.J.: Hopskipjumpattack: A query-efficient decision-based attack. In: 2020 IEEE Symposium on Security and Privacy (SP), pp. 1277–1294. IEEE, Piscataway (2020)

    Google Scholar 

  10. Cousik, T.S., Shah, V.K., Erpek, T., Sagduyu, Y.E., Reed, J.H.: Deep learning for fast and reliable initial access in AI-driven 6G mmWave networks. ar**v:2101.01847 (2021)

    Google Scholar 

  11. Dong, Y., Liao, F., Pang, T., Su, H., Zhu, J., Hu, X., Li, J.: Boosting adversarial attacks with momentum. In: 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition, pp. 9185–9193 (2018). https://doi.org/10.1109/CVPR.2018.00957

  12. Feinman, R., Curtin, R.R., Shintre, S., Gardner, A.B.: Detecting adversarial samples from artifacts. ar**v:1703.00410 (2017)

    Google Scholar 

  13. Fernández Maimó, L., Perales Gómez, A.L., Garcia Clemente, F.J., Gil Pérez, M., Martínez Pérez, G.: A self-adaptive deep learning-based system for anomaly detection in 5G networks. IEEE Access 6, 7700–7712 (2018). https://doi.org/10.1109/ACCESS.2018.2803446

    Article  Google Scholar 

  14. Forest, F., Lebbah, M., Azzag, H., Lacaille, J.: Deep embedded som: joint representation learning and self-organization. Reconstruction 500, 500 (2000)

    Google Scholar 

  15. Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. ar**v:1412.6572 (2015)

    Google Scholar 

  16. GSMA: Fs.31 - baseline security controls (2020)

    Google Scholar 

  17. GSMA: Fs.30 - security manual (2021)

    Google Scholar 

  18. Guo, C., Rana, M., Cisse, M., van der Maaten, L.: Countering adversarial images using input transformations. ar**v:1711.00117 (2018)

    Google Scholar 

  19. Guo, Q., Gu, R., Wang, Z., Zhao, T., Ji, Y., Kong, J., Gour, R., Jue, J.P.: Proactive dynamic network slicing with deep learning based short-term traffic prediction for 5G transport network. In: 2019 Optical Fiber Communications Conference and Exhibition (OFC), pp. 1–3 (2019)

    Google Scholar 

  20. Haidine, A., Salmam, F.Z., Aqqal, A., Dahbi, A.: Artificial intelligence and machine learning in 5G and beyond: a survey and perspectives. In: Moving Broadband Mobile Communications Forward: Intelligent Technologies for 5G and Beyond, p. 47 (2021)

    Google Scholar 

  21. **, H., Song, Q., Hu, X.: Auto-keras: An efficient neural architecture search system. In: Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, pp. 1946–1956 (2019)

    Google Scholar 

  22. Kim, B., Sagduyu, Y.E., Davaslioglu, K., Erpek, T., Ulukus, S.: Over-the-air adversarial attacks on deep learning based modulation classifier over wireless channels. ar**v:2002.02400 (2020)

    Google Scholar 

  23. Kim, B., Sagduyu, Y.E., Erpek, T., Davaslioglu, K., Ulukus, S.: Adversarial attacks with multiple antennas against deep learning-based modulation classifiers. ar**v:2007.16204 (2020)

    Google Scholar 

  24. Kim, B., Sagduyu, Y.E., Davaslioglu, K., Erpek, T., Ulukus, S.: Channel-aware adversarial attacks against deep learning-based wireless signal classifiers. ar**v:2005.05321 (2021)

    Google Scholar 

  25. Kim, B., Sagduyu, Y.E., Erpek, T., Ulukus, S.: Adversarial attacks on deep learning based mmwave beam prediction in 5G and beyond. ar**v:2103.13989 (2021)

    Google Scholar 

  26. Kim, B., Shi, Y., Sagduyu, Y.E., Erpek, T., Ulukus, S.: Adversarial attacks against deep learning based power control in wireless communications. ar**v:2109.08139 (2021)

    Google Scholar 

  27. Kohonen, T.: Self-Organizing Maps, vol. 30. Springer Science & Business Media, Cham (2012)

    Google Scholar 

  28. Kurakin, A., Goodfellow, I., Bengio, S.: Adversarial examples in the physical world. ar**v:1607.02533 (2017)

    Google Scholar 

  29. Liu, Q., Guo, J., Wen, C.K., **, S.: Adversarial attack on DL-based massive MIMO CSI feedback. J. Commun. Netw. 22(3), 230–235 (2020). https://doi.org/10.1109/JCN.2020.000016

    Article  Google Scholar 

  30. Lyu, W., Zhang, Z., Jiao, C., Qin, K., Zhang, H.: Performance evaluation of channel decoding with deep neural networks. In: 2018 IEEE International Conference on Communications (ICC), pp. 1–6 (2018). https://doi.org/10.1109/ICC.2018.8422289

  31. Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks. ar**v:1706.06083 (2019)

    Google Scholar 

  32. Manoj, B.R., Sadeghi, M., Larsson, E.G.: Adversarial attacks on deep learning based power allocation in a massive MIMO network. ar**v:2101.12090 (2021)

    Google Scholar 

  33. Masri, A., Veijalainen, T., Martikainen, H., Mwanje, S., Ali-Tolppa, J., Kajó, M.: Machine-learning-based predictive handover. In: 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 648–652 (2021)

    Google Scholar 

  34. Meng, D., Chen, H.: Magnet: a two-pronged defense against adversarial examples. ar**v:1705.09064 (2017)

    Google Scholar 

  35. Meng, F., Chen, P., Wu, L., Wang, X.: Automatic modulation classification: a deep learning enabled approach. IEEE Trans. Vehic. Technol. 67(11), 10760–10772 (2018). https://doi.org/10.1109/TVT.2018.2868698

    Article  Google Scholar 

  36. Metzen, J.H., Genewein, T., Fischer, V., Bischoff, B.: On detecting adversarial perturbations. ar**v:1702.04267 (2017)

    Google Scholar 

  37. Minovski, D., Ogren, N., Ahlund, C., Mitra, K.: Throughput prediction using machine learning in LTE and 5G networks. IEEE Trans. Mob. Comput., 1–1 (2021). https://doi.org/10.1109/TMC.2021.3099397

  38. Nicolae, M.I., Sinn, M., Tran, M.N., Buesser, B., Rawat, A., Wistuba, M., Zantedeschi, V., Baracaldo, N., Chen, B., Ludwig, H., Molloy, I.M., Edwards, B.: Adversarial robustness toolbox v1.0.0. ar**v:1807.01069 (2019)

    Google Scholar 

  39. O’Shea, T., West, N.: Radio machine learning dataset generation with GNU radio. Proc. GNU Radio Conf. 1(1) (2016). https://pubs.gnuradio.org/index.php/grcon/article/view/11

  40. O’Shea, T.J., Corgan, J., Clancy, T.C.: Convolutional radio modulation recognition networks. In: International Conference on Engineering Applications of Neural Networks, pp. 213–226. Springer, Berlin (2016)

    Google Scholar 

  41. Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., Swami, A.: The limitations of deep learning in adversarial settings. ar**v:1511.07528 (2015)

    Google Scholar 

  42. Papernot, N., Faghri, F., Carlini, N., Goodfellow, I., Feinman, R., Kurakin, A., **e, C., Sharma, Y., Brown, T., Roy, A., et al.: Technical report on the cleverhans v2. 1.0 adversarial examples library. ar**v:1610.00768 (2016)

    Google Scholar 

  43. Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z.B., Swami, A.: Practical black-box attacks against machine learning. ar**v:1602.02697 (2017)

    Google Scholar 

  44. Pawlak, J., Li, Y., Price, J., Wright, M., Al Shamaileh, K., Niyaz, Q., Devabhaktuni, V.: A machine learning approach for detecting and classifying jamming attacks against OFDM-based uavs. In: Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning, pp. 1–6 (2021)

    Google Scholar 

  45. Peng, S., Jiang, H., Wang, H., Alwageed, H., Yao, Y.D.: Modulation classification using convolutional neural network based deep learning model. In: 2017 26th Wireless and Optical Communication Conference (WOCC), pp. 1–5 (2017). https://doi.org/10.1109/WOCC.2017.7929000

  46. Peng, B., Seco-Granados, G., Steinmetz, E., Fröhle, M., Wymeersch, H.: Decentralized scheduling for cooperative localization with deep reinforcement learning. IEEE Trans. Vehic. Technol. 68(5), 4295–4305 (2019). https://doi.org/10.1109/TVT.2019.2913695

    Article  Google Scholar 

  47. Rauber, J., Brendel, W., Bethge, M.: Foolbox: A python toolbox to benchmark the robustness of machine learning models. ar**v:1707.04131 (2018)

    Google Scholar 

  48. Ross, A.S., Doshi-Velez, F.: Improving the adversarial robustness and interpretability of deep neural networks by regularizing their input gradients. ar**v:1711.09404 (2017)

    Google Scholar 

  49. Ruff, L., Vandermeulen, R., Goernitz, N., Deecke, L., Siddiqui, S.A., Binder, A., Müller, E., Kloft, M.: Deep one-class classification. In: International Conference on Machine Learning, pp. 4393–4402. PMLR (2018)

    Google Scholar 

  50. Sadeghi, M., Larsson, E.G.: Physical adversarial attacks against end-to-end autoencoder communication systems. ar**v:1902.08391 (2019)

    Google Scholar 

  51. Safari, M.S., Pourahmadi, V., Sodagari, S.: Deep UL2DL: data-driven channel knowledge transfer from uplink to downlink. IEEE Open J.f Vehic. Technol. 1, 29–44 (2020). https://doi.org/10.1109/OJVT.2019.2962631

  52. Sagduyu, Y.E., Erpek, T., Shi, Y.: Adversarial machine learning for 5G communications security. ar**v:2101.02656 (2021)

    Google Scholar 

  53. Sanguinetti, L., Zappone, A., Debbah, M.: Deep learning power allocation in massive MIMO. ar**v:1812.03640 (2019)

    Google Scholar 

  54. Schwarzmann, S., Marquezan, C.C., Trivisonno, R., Nakajima, S., Zinner, T.: Accuracy vs. cost trade-off for machine learning based QoE estimation in 5G networks. In: ICC 2020 - 2020 IEEE International Conference on Communications (ICC), pp. 1–6 (2020). https://doi.org/10.1109/ICC40277.2020.9148685

  55. Shi, Y., Sagduyu, Y.E.: Adversarial machine learning for flooding attacks on 5G radio access network slicing. ar**v:2101.08724 (2021)

    Google Scholar 

  56. Shi, Y., Sagduyu, Y.E., Erpek, T.: Reinforcement learning for dynamic resource optimization in 5G radio access network slicing. In: 2020 IEEE 25th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), pp. 1–6 (2020). https://doi.org/10.1109/CAMAD50429.2020.9209299

  57. Shi, Y., Sagduyu, Y.E., Erpek, T., Gursoy, M.C.: How to attack and defend 5G radio access network slicing with reinforcement learning. ar**v:2101.05768 (2021)

    Google Scholar 

  58. Snoek, J., Larochelle, H., Adams, R.P.: Practical bayesian optimization of machine learning algorithms. In: Advances in Neural Information Processing Systems, vol. 25 (2012)

    Google Scholar 

  59. Sotgiu, A., Demontis, A., Melis, M., Biggio, B., Fumera, G., Feng, X., Roli, F.: Deep neural rejection against adversarial examples. ar**v:1910.00470 (2020)

    Google Scholar 

  60. Steinhardt, J., Koh, P.W., Liang, P.: Certified defenses for data poisoning attacks. ar**v:1706.03691 (2017)

    Google Scholar 

  61. Sun, H., Chen, X., Shi, Q., Hong, M., Fu, X., Sidiropoulos, n.d.: Learning to optimize: training deep neural networks for interference management. IEEE Trans. Signal Process. 66(20), 5438–5453 (2018). https://doi.org/10.1109/TSP.2018.2866382

  62. Szegedy, C., Zaremba, W., Sutskever, I., Bruna, J., Erhan, D., Goodfellow, I., Fergus, R.: Intriguing properties of neural networks. ar**v:1312.6199 (2014)

    Google Scholar 

  63. Szegedy, C., Vanhoucke, V., Ioffe, S., Shlens, J., Wojna, Z.: Rethinking the inception architecture for computer vision. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 2818–2826 (2016)

    Google Scholar 

  64. Uesato, J., O’Donoghue, B., van den Oord, A., Kohli, P.: Adversarial risk and the dangers of evaluating against weak attacks. ar**v:1802.05666 (2018)

    Google Scholar 

  65. Usama, M., Mitra, R.N., Ilahi, I., Qadir, J., Marina, M.K.: Examining machine learning for 5G and beyond through an adversarial lens. ar**v:2009.02473 (2020)

    Google Scholar 

  66. Wang, F., Gursoy, M.C., Velipasalar, S.: Adversarial reinforcement learning in dynamic channel access and power control. ar**v:2105.05817 (2021)

    Google Scholar 

  67. Wang, H., Miller, D.J., Kesidis, G.: Anomaly detection of adversarial examples using class-conditional generative adversarial networks. Comput. Secur. 124, 102956 (2023)

    Article  Google Scholar 

  68. Wen, C.K., Shih, W.T., **, S.: Deep learning for massive MIMO CSI feedback. IEEE Wirel. Commun. Lett. 7(5), 748–751 (2018). https://doi.org/10.1109/LWC.2018.2818160

    Article  Google Scholar 

  69. Xu, W., Evans, D., Qi, Y.: Feature squeezing: Detecting adversarial examples in deep neural networks. In: Proceedings 2018 Network and Distributed System Security Symposium (2018). https://doi.org/10.14722/ndss.2018.23198.

  70. Zantedeschi, V., Nicolae, M.I., Rawat, A.: Efficient Defenses Against Adversarial Attacks, pp. 39–49. Association for Computing Machinery, New York (2017). https://doi.org/10.1145/3128572.3140449

  71. Zolotukhin, M., Miraghaei, P., Zhang, D., Hämäläinen, T.: On assessing vulnerabilities of the 5G networks to adversarial examples. IEEE Access 10, 126285–126303 (2022)

    Article  Google Scholar 

  72. Zolotukhin, M., Miraghaie, P., Zhang, D., Hämäläinen, T., Ke, W., Dunderfelt, M.: Black-box adversarial examples against intelligent beamforming in 5G networks. In: 2022 IEEE Conference on Standards for Communications and Networking (CSCN), pp. 64–70. IEEE, Piscataway (2022)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Information Technology, University of Jyväskylä, Jyväskylä, Finland

    Mikhail Zolotukhin, Di Zhang & Timo Hämäläinen

Authors
  1. Mikhail Zolotukhin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Di Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Timo Hämäläinen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mikhail Zolotukhin .

Editor information

Editors and Affiliations

  1. Jamk University of Applied Sciences, JYVÄSKYLÄ, Finland

    Tuomo Sipola

  2. Jamk University of Applied Sciences, JYVÄSKYLÄ, Finland

    Janne Alatalo

  3. Jamk University of Applied Sciences, JYVÄSKYLÄ, Finland

    Monika Wolfmayr

  4. Jamk University of Applied Sciences, JYVÄSKYLÄ, Finland

    Tero Kokkonen

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Zolotukhin, M., Zhang, D., Hämäläinen, T. (2024). On Protection of the Next-Generation Mobile Networks Against Adversarial Examples. In: Sipola, T., Alatalo, J., Wolfmayr, M., Kokkonen, T. (eds) Artificial Intelligence for Security. Springer, Cham. https://doi.org/10.1007/978-3-031-57452-8_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-57452-8_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-57451-1

  • Online ISBN: 978-3-031-57452-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation