
Research Article
Mitigating Threats in PHY-Layer Authentication: A Proactive Defense Against Membership Inference Attacks in Wireless Signal Classifiers
@INPROCEEDINGS{10.1007/978-3-031-81168-5_2, author={D. Madhuri and V. Nikitha Reddy and M. Keerthi Reddy and V. N. L. N. Murthy and Saroja Kumar Rout and Bijaya Kumar Sethi}, title={Mitigating Threats in PHY-Layer Authentication: A Proactive Defense Against Membership Inference Attacks in Wireless Signal Classifiers}, proceedings={Broadband Communications, Networks, and Systems. 14th EAI International Conference, BROADNETS 2024, Hyderabad, India, February 16--17, 2024, Proceedings, Part I}, proceedings_a={BROADNETS}, year={2025}, month={2}, keywords={Adversarial machine learning Membership Inference attack Privacy Wireless signal classification Defense}, doi={10.1007/978-3-031-81168-5_2} }
- D. Madhuri
V. Nikitha Reddy
M. Keerthi Reddy
V. N. L. N. Murthy
Saroja Kumar Rout
Bijaya Kumar Sethi
Year: 2025
Mitigating Threats in PHY-Layer Authentication: A Proactive Defense Against Membership Inference Attacks in Wireless Signal Classifiers
BROADNETS
Springer
DOI: 10.1007/978-3-031-81168-5_2
Abstract
In a wireless signal classifier utilized for PHY-layer authentication, a membership inference attack is demonstrated as an adversarial machine learning method. Waveform, channel, and device attributes are among the private information that needs to be retrieved. There is a difficulty since varying channel conditions produce varying received signals and RF fingerprints. The attacker constructs a surrogate classifier by examining the spectrum in order to circumvent this issue. Subsequently, we employ this surrogate model to conduct a black-box Membership Inference Attack (MIA) on the designated classifier. Our findings reveal that the adversary can effectively discern signals and potentially extract radio and channel information utilized in training the target classifier. To address this potential threat, we have implemented a proactive defense strategy. In order to fool the opponent, this involves creating a shadow MIA model. In order to reduce the MIA’s accuracy and prevent data from the wireless signal classifier from leaking, faults are intended to be introduced. This scenario holds significance as it sheds insight on potential vulnerabilities in wireless signal classifiers, particularly with regard to PHY-layer authentication. In order to enhance wireless communication system security, the proactive defense strategy highlights how important it is to anticipate and prevent adversarial machine learning attacks.