Learn to Defend: Adversarial Multi-Distillation for Automatic Modulation Recognition Models.

Automatic modulation recognition (AMR) of radio signal is an important research topic in the area of non-cooperative communication and cognitive radio. Recently deep learning (DL) techniques enable significant progress in AMR. However, the techniques of adversarial machine learning cause the threats of adversarial attacks in DL-based AMR. In this paper, we aim to make AMR model robust, accurate and lightweight, thus propose a multi-distillation mechanism for robust training of DL-based AMR models, namely Adversarial Multi-Distillation (AMD). In the framework of AMD, by knowledge distillation, two powerful teacher models transfer the learned classification knowledge and defense knowledge, respectively, to the student model to form robust training. Our experiments with public dataset RML2016.10a show that the proposed method can significantly improve the defense of AMR models to against adversarial perturbations and keep relatively high classification accuracy, which enables robust decision making with lightweight models under adversarial attacks.