Exploiting the Divergence Between Output of ML Models to Detect Adversarial Attacks in Streaming IoT Applications

Abdullatif Albaseer, Mohamed Abdallah, Ala Al-Fuqaha

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The majority of streaming Internet of Things (IoT) applications use machine learning models to identify and classify streaming inputs before forwarding them for further processing. These streaming IoT systems, however, are vulnerable to poisoning and adversarial attacks: an adversary deliberately modifies the input by adding a small perturbation during communication to fool the classifier into producing an arbitrary or a specific output. The increasing number of well-developed, imperceptible attacks necessitates more sophisticated countermeasures. To this end, this paper underlines this problem and proposes a new scheme based on committee-based machine learning models, some trained only on benign inputs and others on both benign and adversarial inputs. The output probabilities of these paired models are then compared, and the KL divergence between them is used to identify, detect, and mitigate such streaming attacks. Specifically, we use the uncertainty measure between the outputs of the mitigation and non-mitigation ML models as a proxy for identifying adversarially attacked inputs. We use traffic sign classification in autonomous vehicle technology as the streaming IoT application. Our experiments demonstrate that the proposed approach can detect and mitigate adversarial attacks with high confidence in the white-box attack setting.
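The detection step described in the abstract, as an added example that is not code from the paper: a benign-only model and an adversarially trained "mitigation" model both score every streaming frame, the KL divergence between their output probabilities is computed, and frames whose divergence exceeds a threshold calibrated on clean traffic are flagged and relabelled from the hardened model. All probability vectors, the three-class label set, the calibration rule (a margin over the largest clean divergence) and the choice of KL direction are constructed assumptions of this example, not values or rules taken from the paper.

```python
"""Added example (not the paper's code): flag adversarial frames on a stream by
measuring the KL divergence between the softmax outputs of a benign-only model
and an adversarially trained "mitigation" model. All model outputs below are
constructed stand-ins; in a deployment both classifiers run on the same frame."""
import math
from dataclasses import dataclass
from typing import List, Sequence, Tuple

# Constructed toy label set for a 3-class traffic-sign classifier.
CLASS_NAMES = ["stop", "yield", "speed_limit"]


def smooth(p: Sequence[float], alpha: float = 1e-3) -> List[float]:
    """Mix a probability vector with the uniform distribution so no class has
    probability exactly zero; KL(p || q) is infinite when q has a zero where p does not."""
    k = len(p)
    return [(1.0 - alpha) * pi + alpha / k for pi in p]


def kl_divergence(p: Sequence[float], q: Sequence[float]) -> float:
    """KL(p || q) in nats, with p as the reference distribution. Asymmetric by
    definition, so the caller must pick the direction deliberately."""
    if len(p) != len(q):
        raise ValueError("distributions must have the same number of classes")
    ps, qs = smooth(p), smooth(q)
    return sum(pi * math.log(pi / qi) for pi, qi in zip(ps, qs))


@dataclass(frozen=True)
class Frame:
    frame_id: int
    benign_only_probs: Tuple[float, ...]  # model trained on benign inputs only
    mitigation_probs: Tuple[float, ...]   # model trained on benign + adversarial inputs


def divergence_score(frame: Frame) -> float:
    """Use the hardened model as the reference (assumption of this example):
    a large score means the benign-only model was pushed away from its belief."""
    return kl_divergence(frame.mitigation_probs, frame.benign_only_probs)


def fit_threshold(clean_frames: Sequence[Frame], margin: float = 3.0) -> float:
    """Calibrate on frames known to be clean: threshold = margin * largest
    divergence the two models show on benign traffic (constructed rule)."""
    return margin * max(divergence_score(f) for f in clean_frames)


@dataclass(frozen=True)
class Decision:
    frame_id: int
    label: str
    score: float
    flagged: bool


def process_stream(frames: Sequence[Frame], threshold: float) -> List[Decision]:
    """Score each frame; when flagged, mitigate by taking the hardened model's
    label and tagging the frame so downstream consumers can treat it as attacked."""
    decisions = []
    for f in frames:
        score = divergence_score(f)
        flagged = score > threshold
        source = f.mitigation_probs if flagged else f.benign_only_probs
        label = CLASS_NAMES[max(range(len(source)), key=source.__getitem__)]
        decisions.append(Decision(f.frame_id, label, score, flagged))
    return decisions


# Constructed calibration frames: both models agree closely on clean inputs.
CALIBRATION_FRAMES = [
    Frame(1, (0.90, 0.05, 0.05), (0.88, 0.07, 0.05)),
    Frame(2, (0.10, 0.85, 0.05), (0.12, 0.80, 0.08)),
    Frame(3, (0.05, 0.05, 0.90), (0.06, 0.04, 0.90)),
]

# Constructed live stream: frame 10 is clean; frames 11 and 12 mimic a
# perturbed "stop" sign that fools the benign-only model but not the hardened one.
STREAM_FRAMES = [
    Frame(10, (0.10, 0.85, 0.05), (0.08, 0.87, 0.05)),
    Frame(11, (0.05, 0.90, 0.05), (0.70, 0.20, 0.10)),
    Frame(12, (0.02, 0.08, 0.90), (0.45, 0.35, 0.20)),
]

if __name__ == "__main__":
    thr = fit_threshold(CALIBRATION_FRAMES)
    print(f"threshold = {thr:.4f}")
    for d in process_stream(STREAM_FRAMES, thr):
        status = "ATTACK (mitigated)" if d.flagged else "clean"
        print(f"frame {d.frame_id}: label={d.label} score={d.score:.4f} {status}")
```

The direction of the divergence matters: with the hardened model as reference, the score rewards cases where the benign-only model has collapsed onto a class the hardened model considers unlikely, which is the signature the abstract describes. The uniform smoothing is there because a model that emits an exact zero for some class would otherwise make the score infinite and every such frame would be flagged regardless of agreement.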

Original language: English
Title of host publication: ICC 2023 - IEEE International Conference on Communications
Subtitle of host publication: Sustainable Communications for Renaissance
Editors: Michele Zorzi, Meixia Tao, Walid Saad
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 3090-3095
Number of pages: 6
ISBN (Electronic): 9781538674628
DOIs
Publication status: Published - 2023
Event: 2023 IEEE International Conference on Communications, ICC 2023 - Rome, Italy
Duration: 28 May 2023 to 1 Jun 2023

Publication series

Name: IEEE International Conference on Communications
Volume: 2023-May
ISSN (Print): 1550-3607

Conference

Conference: 2023 IEEE International Conference on Communications, ICC 2023
Country/Territory: Italy
City: Rome
Period: 28/05/23 to 1/06/23

Keywords

  • Adversarial Attacks
  • Attack Identification
  • Edge Streaming Applications
  • Machine Learning
  • Streaming Images

Projects
  • EX-QNRF-NPRPS-37: Secure Federated Edge Intelligence Framework for AI-driven 6G Applications

    Abdallah, M. M. (Lead Principal Investigator), Al Fuqaha, A. (Principal Investigator), Hamood, M. (Graduate Student), Aboueleneen, N. (Graduate Student), Student-1, G. (Graduate Student), Student-2, G. (Graduate Student), Fellow-1, P. D. (Post Doctoral Fellow), Assistant-1, R. (Research Assistant), Mohamed, D. A. (Principal Investigator), Mahmoud, D. M. (Principal Investigator), Al-Dhahir, P. N. (Principal Investigator) & Khattab, P. T. (Principal Investigator)

    19/04/21 to 30/08/24

    Project: Applied Research
