Unsupervised Learning-Based Spectrum Sensing Algorithm with Defending Adversarial Attacks

Although the spectrum sensing algorithms based on deep learning have achieved remarkable detection performance, the sensing performance is easily affected by adversarial attacks due to the fragility of neural networks. Even slight adversarial perturbations lead to a sharp deterioration of the model detection performance. To enhance the defense capability of the spectrum sensing model against such attacks, an unsupervised learning-based spectrum sensing algorithm with defending adversarial attacks (USDAA) is proposed, which is divided into two stages: adversarial pre-training and fine-tuning. In the adversarial pre-training stage, encoders are used to extract the features of adversarial samples and clean samples, respectively, and then decoders are used to reconstruct the samples, and comparison loss and reconstruction loss are designed to optimize the network parameters. It can reduce the dependence of model training on labeled samples and improve the robustness of the model to attack perturbations. In the fine-tuning stage, a small number of adversarial samples are used to fine-tune the pre-trained encoder and classification layer to obtain the spectrum sensing defense model. The experimental results show that the USDAA algorithm is better than the denoising autoencoder and distillation defense algorithm (DAED) against FGSM and PGD adversarial attacks. The number of labeled samples used in USDAA is only 11% of the DAED. When the false alarm probability is 0.1 and the SNR is -10 dB, the detection probability of the USDAA algorithm for the fast gradient sign method (FGSM) and the projected gradient descent (PGD) attack samples with random perturbations is above 88%, while the detection probability of the DAED algorithm for both attack samples is lower than 69%. Additionally, the USDAA algorithm has better robustness to attack with unknown perturbations.