非合作对抗场景下的隐真示假调制识别方法OA
Automatic Modulation Recognition Method via Conceal-Truth-While-Showing-Fake Strategy in Non-Cooperative Adversarial Scenarios
针对非合作对抗通信场景中信号易被截获和通信意图易暴露的安全威胁,本文突破传统被动防御范式,提出面向智能电子设备中自动调制识别(Automatic Modulation Recognition,AMR)的隐真示假调制识别方法,实现对抗场景下合作链路的可靠传输与非合作链路的精准诱骗.考虑多输入多输出信道在时-频-空域呈现的多维差异性特征,本文设计了基于主-窃信道特征提取的数据标签投毒方法,实现了诱骗非合作方AMR模型的隐蔽后门触发机制,同时保证合作方准确可靠的识别率.此方法赋予通信设备主动防御能力,从物理层阻断了非合作方利用同源技术设备实施信号窃取的路径.本文在对多种AMR模型进行基线性能比较的基础上,进一步评估了所提方法在不同天线配置、投毒率、误导策略及信道估计相位误差下的性能表现.基于典型AMR模型的实验结果表明,在投毒率p=0.4时,多输入多输出(Multiple-Input Multiple-Output,MIMO)4×4场景下的攻击成功率(Attack Success Rate,ASR)达到89.94%,相较于单输入单输出(Single-Input Single-Output,SISO)场景下的76.28%显著提升了13.66%,且合作用户的良性准确率(Benign Accuracy,BA)维持在89.65%.此外,在投毒率p=0.5且存在上限为15°的信道估计相位偏差下,本方法的ASR仍能保持在89.21%,同时保证合作用户的BA为87.79%,表明本方法在保障合作用户通信可靠性的同时,具备针对非合作用户的高效且鲁棒的误导能力,为复杂通信环境下的物理层安全通信提供了新的技术范式.
Against the security threats of signal interception and communication intent exposure in non-cooperative adversarial communication scenarios,this paper proposes the conceal-truth-while-showing-fake modulation recognition method,breaking the traditional passive defense paradigm,for automatic modulation recognition(AMR)in intelligent elec⁃tronic devices.This approach achieves reliable transmission for cooperative links and precise deception for non-cooperative links in adversarial environments.Leveraging the multi-dimensional characteristics of multiple-input multiple-output(MI⁃MO)channels in the time-frequency-spatial domains,this paper designs a data label poisoning method based on feature ex⁃traction of the legitimate-eavesdropper channels,which realizes a covert backdoor trigger mechanism to mislead non-coop⁃erative AMR models while ensuring the accurate and reliable recognition rate of the cooperative party.This method endows communication devices with active defense capabilities and blocks the path for non-cooperative parties to conduct signal theft by utilizing homologous technical equipment from the physical layer.Based on the baseline performance comparison of various AMR models,this paper further evaluates the performance of the proposed method under different antenna con⁃figurations,poisoning rates,deception strategies,and channel estimation phase errors.The experimental results based on typical AMR models show that at a poisoning rate of p=0.4,the attack success rate(ASR)of the method reaches 89.94%in the 4×4 MIMO scenario,a significant increase of 13.66%compared with 76.28%in the single-input single-output(SISO)scenario,while the benign accuracy(BA)of cooperative users is maintained at 89.65%.In addition,at a poisoning rate of p=0.5 and with a maximum channel estimation phase deviation of 15°,the ASR of the proposed method can still be maintained at 89.21%,and the BA of cooperative users is guaranteed to be 87.79%.This demonstrates that the proposed method not on⁃ly ensures the communication reliability of cooperative users but also possesses efficient and robust misleading capabilities against non-cooperative users,providing a new technical paradigm for physical layer security in complex communication environments.
尹志胜;张智杰;承楠;刘怡良;王威
西安电子科技大学通信工程学院,陕西 西安 710071||空天地一体化综合业务网全国重点实验室,陕西 西安 710071西安电子科技大学通信工程学院,陕西 西安 710071西安电子科技大学通信工程学院,陕西 西安 710071||空天地一体化综合业务网全国重点实验室,陕西 西安 710071西安交通大学网络空间安全学院,陕西 西安 710049西安交通大学信息与通信工程学院,陕西 西安 710049
信息技术与安全科学
非合作对抗通信自动调制识别隐真示假后门攻击
non-cooperative adversarial communicationautomatic modulation recognitionconceal-truth-while-showing-fakebackdoor attack
《电子学报》 2026 (2)
507-516,10
国家自然科学基金(No.62201432) National Natural Science Foundation of China(No.62201432)
评论