Explanation-Guided Backdoor Attacks Against Model-Agnostic RF Fingerprinting Systems

Zhao, Tianya, Zhang, Junqing ORCID: 0000-0002-3502-2926, Wang, Xuyu and Mao, Shiwen (2024) Explanation-Guided Backdoor Attacks Against Model-Agnostic RF Fingerprinting Systems. IEEE Transactions on Mobile Computing, 24 (3). pp. 2029-2042. ISSN 1536-1233, 1558-0660

[thumbnail of TMC2024_RFFI_Backdoor.pdf]

Text
TMC2024_RFFI_Backdoor.pdf - Author Accepted Manuscript
Available under License Creative Commons Attribution.
Download (4MB) | Preview

Official URL: https://doi.org/10.1109/tmc.2024.3487967

Abstract

Despite the proven capabilities of deep neural networks (DNNs) in identifying devices through radio frequency (RF) fingerprinting, the security vulnerabilities of these deep learning models have been largely overlooked. While the threat of backdoor attacks is well-studied in the image domain, few works have explored this threat in the context of RF signals. In this paper, we thoroughly analyze the susceptibility of DNNbased RF fingerprinting to backdoor attacks, focusing on a more practical scenario where attackers lack access to control model gradients and training processes. We propose leveraging explainable machine learning techniques and autoencoders to guide the selection of trigger positions and values, allowing for the creation of effective backdoor triggers in a model-agnostic manner. To comprehensively evaluate this backdoor attack, we employ four diverse datasets with two protocols (Wi-Fi and LoRa) across various DNN architectures. Given that RF signals are often transformed into the frequency or time-frequency domains, this study also assesses attack efficacy in the time-frequency domain. Furthermore, we experiment with potential detection and defense methods, demonstrating the difficulty of fully safeguarding against our proposed backdoor attack. Additionally, we consider the attack performance in the domain shift case.

Item Type:	Article
Uncontrolled Keywords:	4606 Distributed Computing and Systems Software, 46 Information and Computing Sciences, 4611 Machine Learning, 4604 Cybersecurity and Privacy, Bioengineering, Networking and Information Technology R&D (NITRD), Machine Learning and Artificial Intelligence
Divisions:	Faculty of Science and Engineering Faculty of Science and Engineering > School of Electrical Engineering, Electronics and Computer Science
Depositing User:	Symplectic Admin
Date Deposited:	24 Oct 2024 07:15
Last Modified:	11 Feb 2025 08:45
DOI:	10.1109/tmc.2024.3487967
Related Websites:	Publisher
URI:	https://livrepository.liverpool.ac.uk/id/eprint/3186204

Repository Staff

Statistics

Altmetric

CORE (COnnecting REpositories)

Find a course

Select type

Be part of
a globally-connected Russell Group university

Study with Liverpool

Find a course

Select type

Study in Liverpool

Study globally

Research with real world impact

Our research

Research

Postgraduate Research

Research and business collaboration

Advancing knowledge to transform lives

About us

Our story

Key information

Our locations

The University of Liverpool Repository

Explanation-Guided Backdoor Attacks Against Model-Agnostic RF Fingerprinting Systems

Abstract