SecureSense: Defending Adversarial Attack for Secure Device-Free Human Activity Recognition

TL;DR

This paper introduces SecureSense, a novel framework to defend against adversarial attacks on deep learning models used in device-free human activity recognition, significantly improving robustness and safety.

Contribution

SecureSense is the first defense framework specifically designed to protect wireless human activity recognition systems from adversarial attacks.

Findings

SecureSense significantly improves model robustness against attacks.

The method maintains high accuracy under adversarial perturbations.

Experiments validate effectiveness on real wireless sensing systems.

Abstract

Deep neural networks have empowered accurate device-free human activity recognition, which has wide applications. Deep models can extract robust features from various sensors and generalize well even in challenging situations such as data-insufficient cases. However, these systems could be vulnerable to input perturbations, i.e. adversarial attacks. We empirically demonstrate that both black-box Gaussian attacks and modern adversarial white-box attacks can render their accuracies to plummet. In this paper, we firstly point out that such phenomenon can bring severe safety hazards to device-free sensing systems, and then propose a novel learning framework, SecureSense, to defend common attacks. SecureSense aims to achieve consistent predictions regardless of whether there exists an attack on its input or not, alleviating the negative effect of distribution perturbation caused by adversarial attacks. Extensive experiments demonstrate that our proposed method can significantly enhance the model robustness of existing deep models, overcoming possible attacks. The results validate that our method works well on wireless human activity recognition and person identification systems. To the best of our knowledge, this is the first work to investigate adversarial attacks and further develop a novel defense framework for wireless human activity recognition in mobile computing research.