Description:
Background
The Internet of Things (IoT) will bring 75.44B devices on the market by 2025, a 5x increase in ten years. Due to the sheer number of IoT devices soon to be deployed worldwide, the design of practical spectrum knowledge extraction techniques has now become a compelling necessity – not only to understand in real-time the wireless environment, but also to design reactive, intelligent, and more secure wireless protocols, systems, and architectures.
Recent advances in wireless deep learning have demonstrated its great potential. However, it has been extensively proven that neural networks are prone to be “hacked” by carefully crafting small-scale perturbations to the input. This activity is also known as adversarial machine learning (AML). Intuitively, the degree to which malicious wireless agents can find adversarial examples is critically correlated to the applicability of neural networks to problems in the wireless domain.
 
Technology Overview
In this technology, Northeastern University researchers postulate a series of adversarial attacks and mathematically formulated a Generalized Wireless Adversarial Machine Learning Problem (GWAP) to analyze the combined effect of the wireless channel and the adversarial waveform on the efficacy of the attacks. An algorithm has been proposed to solve the GWAP in:
(i) a “white box” setting where the adversary has access to the deep learning model 
(ii) a “black box” setting where the deep learning model is not available. 
For the latter, there is a proposed new neural network architecture called WaveNet, which combines for the first time concepts from deep learning and signal processing to “hack” a classifier based only on its output.
 
Benefits
- The first demonstration of wireless adversarial machine learning algorithms on real-world datasets and models 
- The first neural network to implement digital signal processing 
- First experimental evaluation of WAML on real-world testbeds
 
Applications
- Make machine learning models more robust in the wireless domain 
- Tactical applications (cracking radio fingerprinting, modulation recognition)
 
Opportunity
- License
- Partnering
- Research collaboration
Patent Information:
Category(s):
Software
For Information, Contact:
Barbara Finer
Northeastern University
b.finer@northeastern.edu
Inventors:
Francesco Restuccia
Salvatore D'Oro
Tommaso Melodia
Keywords: