Universal Adversarial Attacks on Neural Networks for Power Allocation in   a Massive MIMO System

Pablo Mill\'an Santos; B. R. Manoj; Meysam Sadeghi; and Erik G.; Larsson

arXiv:2110.04731·cs.IT·October 12, 2021

Universal Adversarial Attacks on Neural Networks for Power Allocation in a Massive MIMO System

Pablo Mill\'an Santos, B. R. Manoj, Meysam Sadeghi, and Erik G., Larsson

PDF

TL;DR

This paper investigates the vulnerability of deep learning models used for power allocation in massive MIMO systems to universal adversarial attacks, demonstrating significant success rates and proposing practical attack methods.

Contribution

It introduces universal adversarial perturbation techniques for wireless system models and benchmarks their effectiveness in both white-box and black-box scenarios.

Findings

01

White-box attack success rate up to 60%

02

Black-box attack success rate up to 40%

03

Proposes more practical UAP-based attack methods

Abstract

Deep learning (DL) architectures have been successfully used in many applications including wireless systems. However, they have been shown to be susceptible to adversarial attacks. We analyze DL-based models for a regression problem in the context of downlink power allocation in massive multiple-input-multiple-output systems and propose universal adversarial perturbation (UAP)-crafting methods as white-box and black-box attacks. We benchmark the UAP performance of white-box and black-box attacks for the considered application and show that the adversarial success rate can achieve up to 60% and 40%, respectively. The proposed UAP-based attacks make a more practical and realistic approach as compared to classical white-box attacks.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.