What problem does this paper attempt to address?

The problem that this paper attempts to solve is how to design a low - power white - box adversarial attack method in the deep - learning - based automatic modulation classification (AMC) system. Specifically, the paper proposes a method of using the Golden Ratio Search (GRS) algorithm to generate minimum - power adversarial samples, in the hope of effectively causing deep - learning models to misclassify without significantly changing the input signal. ### Problem Background 1. **Importance of Automatic Modulation Classification (AMC)**: - AMC is widely used in civilian and military communications to predict the modulation type of received signals. - In military applications, identifying the modulation type of signals helps detect potential attacks. 2. **Vulnerability of Deep - Learning Models**: - Although deep neural networks (DNNs) perform well in AMC tasks, they are vulnerable to adversarial attacks. - Adversarial attacks can significantly reduce the performance of the model by adding tiny perturbations to the original signal, affecting the security and reliability of the system. 3. **Limitations of Existing Adversarial Attack Methods**: - Existing adversarial attack methods such as FGSM and PGD are effective, but in some cases they require high energy or time costs. - Minimum - power adversarial attacks aim to achieve effective attacks with the least amount of energy. ### Main Contributions of the Paper 1. **Proposing a New Attack Method**: - Using GRS optimization technology to generate minimum - power adversarial attacks, ensuring the effectiveness of the attack while minimizing energy consumption. 2. **Evaluating the Performance of Multiple Advanced Architectures**: - Testing the performance of multiple advanced architectures including RMLResNet, MCNet, Lightweight, etc. under adversarial attacks. 3. **Comparing the Effects of Different Attack Methods**: - Comparing the proposed GRS method with existing attack methods such as FGSM and PGD, and verifying its efficiency under different defense mechanisms. ### Experimental Results - **Accuracy**: Under multiple SNR conditions, the adversarial accuracy of the GRS attack method on various models is low, indicating that its attack effect is significant. - **Robustness**: The average robustness value of the GRS attack method is low, indicating that it can deceive the model with a small perturbation intensity. - **Attack Time**: Although the GRS attack method takes more time to generate adversarial samples, compared with the CW method and the method in [13], its attack time is still shorter and more effective. ### Conclusion By introducing the GRS technology, the paper successfully designs a low - power adversarial attack method that can reduce energy consumption while ensuring the attack effect. The experimental results show that this method performs well under multiple advanced architectures and defense mechanisms, emphasizing the importance of adversarial attack research and providing a direction for future improvement of defense mechanisms. ### Formula Summary - Golden Ratio: \[ \varphi=\frac{\sqrt{5}-1}{2} \] - Average Robustness: \[ \hat{\rho}_{\text{adv}}(f)=\frac{1}{|D|}\sum_{x\in D}\frac{\|\hat{r}(x)\|_\infty}{\|x\|_\infty} \] where \(\|\cdot\|_\infty\) represents the L∞ norm, and \(\hat{r}(x)\) is the minimum perturbation required to misclassify \(x\). Hopefully, this information can help you better understand the research content and significance of this paper.