Unveiling the Threat: Data-Free Backdoor Attacks on Pre-Trained Models for RF Fingerprinting

Zhao, Tianya, Zhang, Junqing ORCID: 0000-0002-3502-2926, Dai, Jun, Sun, Xiaoyan and Wang, Xuyu (2025) Unveiling the Threat: Data-Free Backdoor Attacks on Pre-Trained Models for RF Fingerprinting IEEE Transactions on Mobile Computing, PP (99). pp. 1-13. ISSN 1536-1233, 1558-0660

Text TMC2025_Backdoor_PTM.pdf - Author Accepted Manuscript Available under License Creative Commons Attribution. Download (6MB) | Preview

Abstract

While supervised deep neural networks (DNNs) have proven effective for device authentication via radio frequency (RF) fingerprinting, they are hindered by domain shift issues and the scarcity of labeled data. The success of large language models has led to increased interest in self-supervised pre-trained models (PTMs), which offer better generalization and do not require labeled datasets, potentially addressing the issues mentioned above. However, the inherent vulnerabilities of PTMs in RF fingerprinting remain insufficiently explored. In this paper, we unveil the potential threat by thoroughly investigating data-free backdoor attacks on such PTMs for RF fingerprinting, focusing on a practical scenario where attackers lack access to downstream data, label information, and training processes. To realize the backdoor attack, we carefully design a set of triggers and predefined output representations (PORs) for the PTMs. By mapping triggers and PORs through backdoor training, we can implant backdoor behaviors into the PTMs, thereby introducing vulnerabilities across different downstream RF fingerprinting tasks without requiring prior knowledge. Extensive experiments demonstrate the wide applicability of our proposed backdoor attack to various input domains, protocols, and PTMs. Furthermore, we explore potential detection and defense methods, illustrating the difficulty of fully safeguarding against our proposed data-free backdoor attack.

Item Type:	Article
Uncontrolled Keywords:	46 Information and Computing Sciences, 4611 Machine Learning, 4604 Cybersecurity and Privacy
Divisions:	Faculty of Science & Engineering Faculty of Science & Engineering > School of Computer Science & Informatics Faculty of Science & Engineering > School of Computer Science & Informatics > Trustworthy Computing
Depositing User:	Symplectic Admin
Date Deposited:	31 Oct 2025 08:36
Last Modified:	19 Nov 2025 08:47
DOI:	10.1109/tmc.2025.3628527
Related Websites:	Publisher
URI:	https://livrepository.liverpool.ac.uk/id/eprint/3195117
Disclaimer:	The University of Liverpool is not responsible for content contained on other websites from links within repository metadata. Please contact us if you notice anything that appears incorrect or inappropriate.