TY - JOUR
T1 - Adversarial Attacks and Defenses in Machine Learning-Empowered Communication Systems and Networks
T2 - A Contemporary Survey
AU - Wang, Yulong
AU - Sun, Tong
AU - Li, Shenghong
AU - Yuan, Xin
AU - Ni, Wei
AU - Hossain, Ekram
AU - Vincent Poor, H.
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Adversarial attacks and defenses in machine learning and deep neural networks (DNNs) have been gaining significant attention due to the rapidly growing applications of deep learning in communication networks. This survey provides a comprehensive overview of recent advancements in adversarial attack and defense techniques, with a focus on DNN-based classification models for communication applications. Specifically, we classify recent adversarial attack methods and state-of-the-art adversarial defense techniques according to their attack principles, and present them in tables and tree diagrams. This classification is based on a rigorous evaluation of the existing works, including an analysis of their strengths and limitations. We also categorize the defense methods into counter-attack detection and robustness enhancement, with a specific focus on regularization-based methods for enhancing robustness. New avenues of attack are also explored, including search-based, decision-based, drop-based, and physical-world attacks, and a hierarchical classification of the latest defense methods is provided, highlighting the challenges of balancing training costs with performance, maintaining clean accuracy, overcoming the effect of gradient masking, and ensuring method transferability. Finally, the lessons learned and open challenges are summarized, and future research opportunities are recommended.
AB - Adversarial attacks and defenses in machine learning and deep neural networks (DNNs) have been gaining significant attention due to the rapidly growing applications of deep learning in communication networks. This survey provides a comprehensive overview of recent advancements in adversarial attack and defense techniques, with a focus on DNN-based classification models for communication applications. Specifically, we classify recent adversarial attack methods and state-of-the-art adversarial defense techniques according to their attack principles, and present them in tables and tree diagrams. This classification is based on a rigorous evaluation of the existing works, including an analysis of their strengths and limitations. We also categorize the defense methods into counter-attack detection and robustness enhancement, with a specific focus on regularization-based methods for enhancing robustness. New avenues of attack are also explored, including search-based, decision-based, drop-based, and physical-world attacks, and a hierarchical classification of the latest defense methods is provided, highlighting the challenges of balancing training costs with performance, maintaining clean accuracy, overcoming the effect of gradient masking, and ensuring method transferability. Finally, the lessons learned and open challenges are summarized, and future research opportunities are recommended.
KW - Machine learning
KW - adversarial attack
KW - adversarial defense
KW - communication
KW - deep neural network
KW - network
UR - http://www.scopus.com/inward/record.url?scp=85173044113&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85173044113&partnerID=8YFLogxK
U2 - 10.1109/COMST.2023.3319492
DO - 10.1109/COMST.2023.3319492
M3 - Article
AN - SCOPUS:85173044113
SN - 1553-877X
VL - 25
SP - 2245
EP - 2298
JO - IEEE Communications Surveys and Tutorials
JF - IEEE Communications Surveys and Tutorials
IS - 4
ER -