Hide menu

Available internal projects

Adversarial Attacks on Deep Learning Based Intelligent Wireless Systems

Contact: Meysam Sadeghi

Project Description

Deep learning (DL) is a rising branch of machine learning that has shown significant performance in many disciplines. However, DL suffers from a fundamental security and robustness issue. Fig. 1 shows an image of a panda, and Fig. 2 shows the same picture, while a very smal perturbation is added to the image. Now if you show theses two images to an state-of-the-art deep network, i.e.,GoogleNet, it thinks that Fig. 1 is a panda with less than 58% confidence, and Fig 2 is a monkey with 99.3% confidence [1].

Figure 1: Clean image
Figure 2: Clean image plus slight perturbation

The aforementioned observation pose a fundamental security threat on the applications of DL in any discipline [1,2]. In the proposed master thesis, we would like to study such security threats in DL based intelligent wireless systems. More precisely, given a wireless system that uses DL for determining the employed modulation technique, as shown in Fig. 3, we are interested to create adversarial attacks that destroy the performance of the DL based wireless system [3].


Figure 3: An adversarial attack on DNN based intelligent wireless system.

For further information contact meysam.sadeghi@liu.se, or visit my office at Communication Systems division of ISY, at B-Huset, Entrance 29, Rum 3A.457 Campus Valla.

Obtained Qualifications by doing this Project

By doing this project

  • The student will extend his knowledge and gain a deep understanding of deep learning, signal processing, and wireless communication.
  • A main benefit of the project is its practical implementation in audible frequency range, which can be used to showcase your expertise in the aforementioned disciplines.
  • Moreover, the student will obtain
    • experimental knowledge and hands-on work experience with TensorFlow and Keras (two popular deep learning framework)
    • dataset generation skills
    • data pre-processing mastery using popular signal processing techniques
    • a fundamental understanding of wireless systems


If you are interested, please schedule a time to check if you will fit. As a general guideline, a good applicant should have the following skills.

  • Programming: Python and TensorFlow.
  • Deep Learning: General understanding of DNNs.
  • Courses/Background knowledge:
    • signals and systems
    • digital communications


[1] I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” arXiv preprint arXiv:1412.6572, 2014.
[2] A. Kurakin, I. Goodfellow, S. Bengio, Y. Dong, F. Liao, M. Liang, T. Pang, J. Zhu, X. Hu, C. Xie et al., “Adversarial attacks and defences competition,” arXiv preprint arXiv:1804.00097, 2018.
[3] M. Sadeghi and E. G. Larsson, “Adversarial attacks on deep-learning based radio signal classification,”IEEE Wireless Commun. Lett., 2018. [Online]. Available: https://arxiv.org/abs/1808.07713

Page responsible: Danyo Danev
Last updated: 2018 11 21   15:41