Deep learning (DL) architectures have been successfully used in many applications including wireless systems. However, they have been shown to be susceptible to adversarial attacks. We analyze DL-based models for a regression problem in the context of downlink power allocation in massive multiple-input-multiple-output systems and propose universal adversarial perturbation (UAP)-crafting methods as white-box and black-box attacks. We benchmark the UAP performance of white-box and black-box attacks for the considered application and show that the adversarial success rate can achieve up to 60% and 40%, respectively. The proposed UAP-based attacks make a more practical and realistic approach as compared to classical white-box attacks.
翻译:在包括无线系统在内的许多应用中,深层学习(DL)架构已被成功使用。然而,这些架构被证明容易遭到对抗性攻击。我们分析了在大规模多投入-多产出系统下链路分权背景下基于DL的回归问题模型,并提议将通用对抗性扰动(UAP)工艺方法作为白箱和黑盒攻击。我们为经过深思熟虑的应用程序将“白箱”和“黑盒攻击”的“UAP”性能作为基准,并表明对抗性成功率可分别达到60%和40%。与经典白盒攻击相比,拟议的“UAP”式攻击更实际、更现实。