Protection Against Poisoning Attacks on Federated Learning-Based Spectrum Sensing \ \lg \ }} ?

Federated-Learning (FL) based Spectrum Sensing (SS) method is considered for the application in future cognitive radio communication systems due to its supreme performance in changing radio environments as compared to classic cooperative or non-cooperative SS. It also avoids transferring large train...

Full description

Saved in:
Bibliographic Details
Published inIEEE journal on selected areas in communications Vol. 43; no. 6; pp. 2042 - 2055
Main Authors Wasilewska, Malgorzata, Bogucka, Hanna
Format Journal Article
LanguageEnglish
Published New York IEEE 01.06.2025
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Algorithms
Brain modeling
Classification algorithms
Cognitive radio
Communications systems
Data models
data poisoning
False alarms
Federated learning
Heuristic algorithms
label-flipping
Machine learning
Poisoning
Prevention and mitigation
Protection
Radio communications
Resource management
Sensors
Servers
Simulation
Spectrum sensing
Training
Online AccessGet full text
ISSN0733-8716
1558-0008
DOI10.1109/JSAC.2025.3560285

Cover

More Information
Summary:Federated-Learning (FL) based Spectrum Sensing (SS) method is considered for the application in future cognitive radio communication systems due to its supreme performance in changing radio environments as compared to classic cooperative or non-cooperative SS. It also avoids transferring large training datasets with high-resolution localization data. The FL algorithm is the subject of poisoning attacks that can be random or coordinated. In this paper, we first evaluate the impact of such attacks on the FL-based SS performance. Next, we propose a zero-trust method based on continuous monitoring and classification of the sensors' models to detect attacked models. These models are then eliminated from the global model construction in FL. Our method is semi-blind, i.e., it does not require an apriori knowledge of who are the genuine actors participating in FL. Simulation results of the system under various attacks (random or coordinated, moderate or very aggressive, deliberately increasing or decreasing the spectrum occupancy) show that our method decreases the SS probability of false alarms by 89 % and increases the SS probability of detection by 16 % in case of the most severe targeted attacks in the most critical SNR ranges.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0733-8716
1558-0008
DOI:10.1109/JSAC.2025.3560285