Secure Semantic Communications with Adversarial Training and Active Eavesdropper
摘要
Semantic communication is gaining popularity in wireless image transmission systems due to its high efficiency. However, this efficiency comes with security drawbacks. It makes transmissions easier for eavesdroppers to capture and gives adversaries opportunities to inject misleading content. These weaknesses expose the current semantic communication systems to both eavesdropping and semantic attacks. To mitigate these threats, this paper proposes a secure framework that combines the Swin Transformer-based Joint Source-Channel Coding (SwinJSCC) architecture with two defense mechanisms: adversarial training and physical-layer artificial noise (AN) injection. The adversarial training improves resilience against over-the-air attacks by training the system on disturbed signals. Meanwhile, AN injection jams the eavesdropper’s reception without affecting legitimate receivers. This dual strategy protects semantic communications from unauthorized interception while preserving robust reconstruction quality. Extensive simulations show that the proposed secure SwinJSCC system achieves superior performance compared to baseline and traditional methods at high signal-to-noise ratio (SNR) and maintains comparable performance at low SNR. These results confirm that integrating adversarial training with AN injection effectively secures semantic communications without compromising transmission efficiency.