High-robustness integrated adversarial training method for fingerprint-based indoor localization systems
In response to the vulnerability of fingerprint-based indoor positioning models to adversarial sample attacks, as well as the high resource overhead and limited generalization ability of traditional adversarial training, an ensemble adversarial defense method based on data augmentation and distillat...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2025-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2025138/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | In response to the vulnerability of fingerprint-based indoor positioning models to adversarial sample attacks, as well as the high resource overhead and limited generalization ability of traditional adversarial training, an ensemble adversarial defense method based on data augmentation and distillation, named EDEAD, was proposed. In EDEAD, the data distillation technique was employed to improve the quality of the augmented data and the early stopping algorithm was used to save training costs. Additionally, a coherence gradient alignment loss term was introduced to enhance adversarial response consistency among sub-models while maintaining inter-model diversity. This effectively reduced the transferability of adversarial samples among different positioning models and enhanced the robustness and generalization of the entire indoor positioning system. Experimental results show that under strong black-box attacks, comparing to the traditional high-robustness ensemble strategies GAL and DVERGE, EDEAD reduces time overhead by 30.6% and 26.1%, respectively, while improving positioning accuracy by 70.6% and 28.3%. These findings verify that EDEAD optimizes computational efficiency while maintaining high robustness. |
|---|---|
| ISSN: | 1000-436X |