Backdoor Attacks and Defenses on Semantic-Symbol Reconstruction in Semantic Communications

TL;DR

This paper investigates backdoor attacks on deep learning-based semantic communication systems, introduces a new attack paradigm BASS, and proposes defense strategies including training, reverse engineering, and pruning, validated by simulations.

Contribution

It introduces BASS, a novel backdoor attack paradigm tailored for semantic communication, and proposes effective defense mechanisms against it.

Findings

BASS effectively compromises semantic communication systems.

Proposed defenses significantly mitigate backdoor threats.

Simulation results confirm the robustness of the defense strategies.

Abstract

Semantic communication is of crucial importance for the next-generation wireless communication networks. The existing works have developed semantic communication frameworks based on deep learning. However, systems powered by deep learning are vulnerable to threats such as backdoor attacks and adversarial attacks. This paper delves into backdoor attacks targeting deep learning-enabled semantic communication systems. Since current works on backdoor attacks are not tailored for semantic communication scenarios, a new backdoor attack paradigm on semantic symbols (BASS) is introduced, based on which the corresponding defense measures are designed. Specifically, a training framework is proposed to prevent BASS. Additionally, reverse engineering-based and pruning-based defense strategies are designed to protect against backdoor attacks in semantic communication. Simulation results demonstrate the effectiveness of both the proposed attack paradigm and the defense strategies.