Adversarial Robustness Analysis of Deep Learning-Based Automatic Modulation Classification in Wireless Communication
Deep learning-based Automatic Modulation Classification (AMC) has emerged as a critical technology for spectrum sensing and cognitive radio applications. However, the vulnerability of these models to adversarial attacks poses significant security concerns in wireless communication systems. This paper presents a comprehensive evaluation of adversarial robustness for a VTCNN2-based AMC model using the RadioML2016.10A dataset. We systematically analyze three representative adversarial attacks — FGSM, DeepFool, and C&W — and evaluate two defense mechanisms: adversarial training and Denoising Autoencoder (DAE). Our experimental results demonstrate that the baseline model is highly susceptible to adversarial perturbations, with accuracy dropping from 54.02% to as low as 10.80% under DeepFool attack. FGSM-based adversarial training improves robustness across multiple attacks, with a modest clean-accuracy drop. DAE preprocessing preserves clean accuracy but provides only limited gains under iterative L2 attacks. These findings highlight the urgent need for robust defense mechanisms in deep learning-based wireless communication systems.