BEGIN:VCALENDAR VERSION:2.0 PRODID:IEEE vTools.Events//EN CALSCALE:GREGORIAN BEGIN:VTIMEZONE TZID:America/New_York BEGIN:DAYLIGHT DTSTART:20230312T030000 TZOFFSETFROM:-0500 TZOFFSETTO:-0400 RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3 TZNAME:EDT END:DAYLIGHT BEGIN:STANDARD DTSTART:20231105T010000 TZOFFSETFROM:-0400 TZOFFSETTO:-0500 RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11 TZNAME:EST END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTAMP:20230731T004029Z UID:5B14BC48-0248-49BB-A600-86080109E784 DTSTART;TZID=America/New_York:20230727T100000 DTEND;TZID=America/New_York:20230727T120000 DESCRIPTION:Abstract\n\nMachine learning (ML) has recently been applied for the classification of radio frequency (RF) signals. One use case of inter est relates to the discernment between different wireless protocols that o perate over a shared and potentially contested spectrum. Although highly a ccurate classifiers have been developed for various wireless scenarios\, r esearch points to the vulnerability of such classifiers to adversarial mac hine learning (AML) attacks. In one such attack\, a surrogate deep neural network (DNN) model is trained by the attacker to produce intelligently cr afted low power “perturbations” that degrade the classification accura cy of the legitimate classifier. In this talk\, I will first present sever al novel DNN protocol classifiers that we designed for a shared spectrum e nvironment. These classifiers performed quite well in both simulations and OTA experimentation\, considering benign (non-adversarial) noise. I will then present several AML techniques that an attacker may use to generate l ow power perturbations. When combined with a legitimate signal\, these per turbations are shown to uniformly degrade the classification accuracy\, ev en in the very high SNR regime. Different attack models are studied\, depe nding on how much information the attacker has about the defender’s clas sifier. Finally\, I will discuss possible defense mechanisms as well as ot her research efforts related to detection of adversarial transmissions.\n\ nCo-sponsored by: Dr. Jun Yan\n\nRoom: EV001.162\, Bldg: EV001.162\, 1515 St. Catherine St. West\, Montreal\, Quebec H3G 2W1\, Montreal\, Quebec\, C anada\, H3G 2W1 LOCATION:Room: EV001.162\, Bldg: EV001.162\, 1515 St. Catherine St. West\, Montreal\, Quebec H3G 2W1\, Montreal\, Quebec\, Canada\, H3G 2W1 ORGANIZER:anader.benyamin@ieee.org SEQUENCE:3 SUMMARY:Adversarial Machine Learning Attacks on RF Signal Classifiers URL;VALUE=URI:https://events.vtools.ieee.org/m/368001 X-ALT-DESC:Description: <br /><h2>Abstract</h2>\n<p><span class="xlarge-tex t">Machine learning (ML) has recently been applied for the classification of radio frequency (RF) signals. One use case of interest relates to the d iscernment between different wireless protocols that operate over a shared and potentially contested spectrum. Although highly accurate classifiers have been developed for various wireless scenarios\, research points to th e vulnerability of such classifiers to adversarial machine learning (AML) attacks. In one such attack\, a surrogate deep neural network (DNN) model is trained by the attacker to produce intelligently crafted low power &ldq uo\;perturbations&rdquo\; that degrade the classification accuracy of the legitimate classifier. In this talk\, I will first present several novel D NN protocol classifiers that we designed for a shared spectrum environment . These classifiers performed quite well in both simulations and OTA exper imentation\, considering benign (non-adversarial) noise. I will then prese nt several AML techniques that an attacker may use to generate low power p erturbations. When combined with a legitimate signal\, these perturbations are shown to uniformly degrade the classification accuracy\, even in the very high SNR regime. Different attack models are studied\, depending on h ow much information the attacker has about the defender&rsquo\;s classifie r. Finally\, I will discuss possible defense mechanisms as well as other r esearch efforts related to detection of adversarial transmissions.</span>< /p> END:VEVENT END:VCALENDAR