Waveform Manipulation Against DNN-based Modulation Classification Attacks
Dimitrios Varkatzas, Antonios Argyriou

TL;DR
This paper introduces a waveform manipulation technique using frequency modulation to protect wireless signals from DNN-based modulation classification attacks, effectively reducing eavesdropper accuracy without harming legitimate reception.
Contribution
It presents a novel waveform obfuscation method that impairs DNN classifiers at eavesdroppers while maintaining reliable communication for legitimate receivers.
Findings
Eavesdropper classification accuracy drops below 10% in AWGN and fading channels.
The method preserves demodulation performance at legitimate receivers.
Applicable to various modulation schemes and wireless protocols.
Abstract
In this paper we propose a method for defending against an eavesdropper that uses a Deep Neural Network (DNN) for learning the modulation of wireless communication signals. Our method is based on manipulating the emitted waveform with the aid of a continuous time frequency-modulated (FM) obfuscating signal that is mixed with the modulated data. The resulting waveform allows a legitimate receiver (LRx) to demodulate the data but it increases the test error of a pre-trained or adversarially-trained DNN classifier at the eavesdropper. The scheme works for analog modulation and digital single carrier and multi carrier orthogonal frequency division multiplexing (OFDM) waveforms, while it can be implemented in frame-based wireless protocols. The results indicate that careful selection of the parameters of the obfuscating waveform can drop classification performance at the eavesdropper to less…
Taxonomy
Topics: Wireless Signal Modulation Classification · Cryptographic Implementations and Security · Adversarial Robustness in Machine Learning
