Professional Documents
Culture Documents
Hongyang Du, Jiacheng Wang, and Dusit Niyato are with Nanyang Technological University, Singapore; Jiawen Kang (corresponding author)
Digital Object Identifier: is with Guangdong University of Technology, China; Zehui Xiong is with Singapore University of Technology and Design, Singapore;
10.1109/MWC.011.2200547 Mohsen Guizani is with Mohamed Bin Zayed University of Artificial Intelligence, UAE; Dong In Kim is with Sungkyunkwan University, South Korea.
Authorized licensed use limited to: Kyunghee Univ. Downloaded on July 21,2023 at 07:21:17 UTC from IEEE Xplore. Restrictions apply.
As such, we revisit classical communication ical medium [3]. The eavesdroppers could be
security techniques from the perspective of seman- malicious mobile devices or wireless sniffers with
tic networks, and discuss the novel attack and malicious plugins [3]. Unlike the encrypt method,
defense methods brought about by the semantic PLS independent of device computing capabili-
communications techniques. Our contributions are ty, which not only enables it to achieve effective
summarized as follows: security but also gives it a natural advantage in
• We revisit three security techniques, such as saving resources. Moreover, such a technique is
PLS, covert communications, and encryption. able to adjust transmission strategies according
For each technique, we discuss its new features to the physical layer characteristics to adapt to
in SIoT (For Q1).
• To quantify the new characteristics brought by
the SIoT to PLS and covert communications, 6HPDQWLF 6HPDQWLF
we propose two new performance indicators, A &RGLQJ 'HFRGLQJ
that is, semantic secrecy outage probability 6RXUFH 6HPDQWLF 6HPDQWLF 6RXUFH
0HVVDJH ,QIRUPDWLRQ ,QIRUPDWLRQ 0HVVDJH
(SSOP) and detection failure probability (DFP),
respectively (For Q2). Wireless Transmission
• We discuss the semantic attack schemes caused 'HYLFHLQ6,R7
by semantic communications technique, which 1HWZRUN 5HFHLYHU
can be divided into targeted and untarget- 6HPDQWLF
ed semantic attacks (For Q3). Furthermore, 'HFRGLQJ(UURU
we propose training-based and training-free 3UREDELOLW\ p1 Succeed or fail (DYHVGURSSHU -DPPHU
defense schemes. B
Revisiting Conventional Security Techniques 6HPDQWLF
'HFRGLQJ 6HFUHF\2XWDJH
In this section, we revisit wireless communication 6HPDQWLF,QIRUPDWLRQ 6RXUFH 3UREDELOLW\p2
security techniques, including PLS, covert commu- REWDLQHGE\ZLUHWDSSLQJ 0HVVDJH
nications, and encryption techniques (Table 1).
We present the definitions, features, and common Semantic Layer Communications Layer
security performance indicators. We then discuss p1 * p2
(1- p1) * p2 1- p2
the differences between these techniques when
6HPDQWLF6HFUHF\
applied in the SIoT and in the conventional IoT,
and propose novel performance indicators.
C 2XWDJH3UREDELOLW\ 6XFFHVVIXO6HPDQWLF )DLOHG6HPDQWLF
1ROHDNDJH
(1- p1) * p2
'HFRGLQJ 'HFRGLQJ
/HDNDJHRILQIRUPDWLRQ
Physical Layer Security WUDQVPLWWHGZLUHOHVVO\
Definition: The PLS is built upon the information
theory, which aims to protect wireless commu- FIGURE 1. Rethinking physical layer security technique in the semantic Internet
nications against eavesdropping by exploring of Things. A novel security performance indicator, such as semantic secrecy
and utilizing the inherent features of the phys- outage probability, is proposed.
Prevent th eeaavesdropper to
Avoid the eavesdropper toobtain the Avoid the warden to detect the occurrence
Purpose obtain the content of the source
content of the source message of wireless transmitting activities
message
Protocol Layer Physical Layer Physical Layer and Network Layer Mainly Upper Layer
Role in the SIot Protect semantic information from being Hide the transmission of semantic Encryption protection of semantic
Network decoded successfully by the eavesdropper information from detection by warden information
Authorized licensed use limited to: Kyunghee Univ. Downloaded on July 21,2023 at 07:21:17 UTC from IEEE Xplore. Restrictions apply.
Based on the above the wireless channel changes. According to the may not be unavailable to the eavesdropper.
discussion, one can working principles of PLS methods, the securi- • The objectives of the eavesdropper are different
conclude that the met- ty performance indicators mainly include secre- from those of the legitimate receiver, resulting in
cy outage probability (SOP), the probability of the eavesdropper unable to obtain the desired
rics reflecting the secu-
non-zero secrecy capacity (PNZ), and the average information. For example, a transmitter is a cam-
rity performance of secrecy capacity (ASC) [7]. era in the SIoT that captures street-view photos.
the SIoT are not only Average Secrecy Capacity: The secrecy capac- With the help of semantic communication tech-
SOP at the communi- ity can be obtained by calculating the difference nique, the camera acts as a transmitter to send
cation level, but also between the main channel capacity and wiretap the photos to a legitimate receiver. The owner
channel capacity. For a given constraint of perfect of the legitimate receiver is a vehicle company
the semantic decoding
secrecy, the average secrecy capacity provides a interested in the number and type of cars on
error probability (SDEP) criterion for capacity limit from a mathematical the street. At the same time, an eavesdropper
at the semantic level. point of view. For instance, if the legitimate user wants to steal pedestrians’ information on the
Here, SDEP describes is able to obtain the perfect channel state informa- road from images. However, the transmitter,
the probability that tion (CSI) of the eavesdropper’s channel, then the through the semantic encoder, transmits only
coding scheme can be flexibly adjusted to adapt the semantic information that satisfies the task
the eavesdropper can
to different fading coefficients. In principle, there- of the legitimate receiver, for example, image
successfully decode fore, one can realize any average secure commu- segmentation of vehicles. Therefore, even if the
the information that it nication rate, which is below the average secrecy eavesdropper has perfect access to the imag-
needs from the inter- capacity of the channel. es transmitted in the wireless environment, its
cepted semantic infor- Secrecy Outage Probability: The SOP is objective is not met in this case.
defined as the probability that the instantaneous • Mismatch between semantic encoding of the
mation.
secrecy capacity falls less than the target secrecy transmitter and semantic decoding of the eaves-
rate [7]. The SOP first provides the conditions that dropper. In semantic communication, semantic
the wireless channel needs to meet to support the encoding and decoding at the transmitter and
specified secure rate. Second, it gives a security receiver have to be jointly trained. This pro-
measure for cases where legitimate users have no cess can be used as a mechanism to secure
CSI about the eavesdropper. Therefore, as long as semantic communication further. For example,
the secrecy capacity is larger than the target secre- for image-based semantic extraction, the legit-
cy rate, the eavesdropper’s channel is worse than imate transmitter’s encoding engine is trained
legitimate users’ estimation and the secrecy of the with human-based datasets (e.g., human faces),
network is ensured. while the eavesdropper’s decoding is trained
Probability of Non-Zero Secrecy Capacity: If the with animal-based datasets. Thus, due to this
main channel capacity is larger than that of the eaves- model mismatch, even though the eaves-
dropper’s channel, the eavesdroppers are unable to dropper can intercept the transmitted data, it
decode the transmitted information. Here, the occur- may not be able to decode the human-based
rence probability of such an event is defined as the semantic information correctly.
PNZ. On this basis, according to the definition, the Based on the above discussion, one can con-
PNZ equals the probability that the instantaneously clude that the metrics reflecting the security
received signal-to-noise ratio (SNR) of the legitimate performance of the SIoT are not only SOP at
user is greater than that of the eavesdropper. the communication level, but also the semantic
Physical Layer Security in SIoT Network: In a decoding error probability (SDEP) at the semantic
conventional IoT, an eavesdropper is considered level. Here, SDEP describes the probability that
successful if it can obtain the source message sent the eavesdropper can successfully decode the
by the transmitter. However, in the SIoT, seman- information that it needs from the intercepted
tic information is transmitted in the wireless chan- semantic information. For example, in a seman-
nel and decoding is required to obtain the original tic communications system with visual question
source message, as shown in Fig. 1 (Part A). There- answering (VQA) task [8], SDEP can be the
fore, even if the eavesdropper intercepts the seman- probability that the eavesdropper uses the eaves-
tic information sent by the transmitter, it may still not dropped semantic information model to obtain
obtain the required information, as shown in Fig. 1 the correct answers to its own questions. From
(Part B). According to the characteristics of semantic the perspective of the system designer, the SDEP
communication, we discuss possible scenarios in can be estimated by modeling the questions that
which the eavesdropper succeeds in eavesdropping might be of interest to the eavesdropper.
on information but fails to decode it as follows: To measure the security performance in a com-
• Semantic decoding failure caused by back- prehensive manner, we propose a new security
ground knowledge difference between the performance metric for physical later security tech-
eavesdropper and the legitimate receiver. In the nique in the SIoT, which is named SSOP.
SIoT, legitimate communication participants Remark 1: As shown in Fig. 1 (Part C), SSOP
will share background knowledge for seman- describes the probability that the eavesdropper in
tic encoding and decoding. The eavesdropper the SIoT successfully eavesdrops on the semantic
might have the different background knowl- information sent by the transmitter and successfully
edge to decode the intercepted semantic infor- performs the semantic decoding. Therefore, SSOP is
mation. For example, the semantic information defined as the product of SOP and one minus SDEP.
“Mouse” could be decoded as an animal or a Note that when the task or interest of the eaves-
computer device, in which the eavesdropper dropper is unknown, SSOP cannot be calculated
may not be able to decode this meaning cor- accurately by the SIoT designer. However, our pro-
rectly. Moreover, the dataset used for semantic posed SSOP can still be used for theoretical upper-
encoder and decoder training can be regarded bound performance analysis to verify the robustness
as the shared background knowledge which of the proposed system design. Another possible
Authorized licensed use limited to: Kyunghee Univ. Downloaded on July 21,2023 at 07:21:17 UTC from IEEE Xplore. Restrictions apply.
research direction is to use statistical methods to
100 Secrecy Outage Probability
estimate the semantic information that eavesdrop-
pers may wish to obtain. Thus, the system designer Semantic Secrecy Outage Probability, SDEP = 30%
can estimate SSOP to facilitate secure SIoT design, Semantic Secrecy Outage Probability, SDEP = 70%
for example, to minimize SSOP given certain -1
10
resource constraints. Moreover, because the wire-
less transmission and the semantic encoding/decod-
ing schemes can be jointly optimized, a cross-layer -2
algorithm is expected to reduce the SSOP. 10
Probability
Figure 2 shows the SOP and the SSOP versus
the signal-to-noise ratio of the transmitter-receiver 10-3
8
link with different values of SDEP. We can observe 10
-3
that the probability that the eavesdropper fails 6
to decode the semantic information reduces the 4
SSOP. Specifically, when an eavesdropper in the
-4
semantic IoT has a 30 percent probability of not 10
being able to decode successfully semantic infor- 2
mation, that is, SDEP = 30 percent, the transmit- 28 30 32 34
ter can use an SNR roughly 1 dB lower to achieve
the same SSOP as the SOP in a conventional IoT. 10 20 30 40 50 60
Moreover, if a better pair of semantic encoder and Signal-to-noise Ratio of the Transmitter-receiver Link (dB)
decoder can be designed to increase further the
error probability of the eavesdropper in decod- FIGURE 2. The SOP and the SSOP versus the signal-to-noise ratio of the trans-
ing the semantic information, for example, SDEP mitter-receiver link with different values of SDEP. The distance between the
= 70 percent, we can observe that the transmitter transmitter and the receiver is 15 m, the distance between the transmitter
can use an SNR 5.5 dB lower to achieve the same and the eavesdropper is 18 m, the signal-to-noise ratio of the transmit-
SSOP as the SOP in a conventional IoT. ter-eavesdropper link is 0 dB, the target secrecy rate threshold is 1, the
An essential motivation for secure SIoT research number of antennas for the transmitter, receiver, and eavesdropper are all
is to perform cross-layer co-design. Although 3, and the path loss exponent is 2.
semantic communications can enhance system
security and reduce the transmit power required
to achieve a certain SSOP, the encoding and cessing capability. According to the above discus-
decoding of semantic information consume com- sion, the covert rate and DEP, which are detailed
putational resources of the network. Therefore, the as follows, are used to characterize the perfor-
trade-off between SIoT performance and security mance of covert communications.
should be considered. A more secure and more Detection Error Probability: The warden
efficient IoT can be achieved by designing joint needs to make a binary choice between silent and
transmit and jamming power allocation schemes transmitting via hypothesis testing. Therefore, the
in the physical layer and the semantic encoding/ detection error probability (DEP) is defined as the
decoding scheme in the semantic layer. Moreover, likelihood of the warden making a wrong decision,
because the specific definition of SSoP could be which contains two cases. The first one is that the
different in different systems, the model of SSoP warden chooses non-null-decision (transmitting)
needs further verification and study for future while the null hypothesis (silent) is accurate, which
work by considering the difference in background is called false alarm. Another one is that the war-
knowledge shared by the transmitter and receiver den sides with a null hypothesis when the non-null
and the matching degree of the training model. hypothesis is true, which is known as miss detec-
tion. The value of DEP is the sum of the probabili-
Covert Communications ties of making the above two wrong decisions.
Definition: So far, the PLS has been applied at Covert Rate: Besides DEP, the covert rate, which
large to boost wireless transmission security. describes the data transmission rate when the DEP
Despite its effectiveness, PLS still has certain lim- of the warden is close to one, is also vital. The
itations in other aspects. By analyzing the wire- covert rate of any user can be calculated based on
less signal, for instance, the user’s location may be the well-known Shannon–Hartley theorem [10].
exposed, which poses threat to user privacy. Such Covert Communications in SIoT Network: In
problems cannot be solved by PLS techniques, a covert communication system, the objective of
triggering the proposal of covert communications. the warden is to detect whether the transmission
Also known as low probability of detection com- is taking place with or without concerning what
munications, covert communications aim to deliv- data is being transmitted. Therefore, encoding the
er information to a legitimate user without being source message to be transmitted into semantic
caught by the warden, who attempt to detect information will not improve the DEP of the war-
such transmission [9]. The covert communications den. If the warden successfully detects that wireless
can include two major aspects: The first one focus- communication is taking place, it can analyze and
es mainly on analyzing and exploiting the uncer- obtain the transmitter’s information, such as the
tainty of the average power of malicious wardens. location, and then apply interference to block the
Another one is to send the signal covered by semantic communications. To make the DEP con-
high-power signals, so as to improve covertness. verge to 1 arbitrarily, the solutions are to design a
It is not difficult to see that covert communication reasonable transmitting power allocation scheme
never relies on the adversary’s competence, indi- and/or to use a friendly jammer or a reconfigu-
cating that transmission security can be perfectly rable intelligent surface, as in the conventional IoT.
guaranteed even if the attacker has a strong pro- The covert rate in the semantic IoT is the same as
Authorized licensed use limited to: Kyunghee Univ. Downloaded on July 21,2023 at 07:21:17 UTC from IEEE Xplore. Restrictions apply.
'HWHFWLRQ)UHTXHQF\
:DUGHQ
'HWHFWLRQ
VW'HWHFWLRQ WK'HWHFWLRQ WK'HWHFWLRQ Failure
Probability
.QRZOHGJH 7KHWLPHWRFRPSOHWH
'DWD$PRXQW
˖ 6HPDQWLF *UDSK &KDQQHO Ă WKHWUDQVPLVVLRQ
'HYLFHLQ6,R7 &RGLQJ &RGLQJ
&RYHUW5DWH
1HWZRUN
'HWHFWLRQ(UURU3UREDELOLW\
6RXUFH 7KHWLPHWRFRPSOHWH
0HVVDJH 6RXUFH &KDQQHO WKHWUDQVPLVVLRQ
'HYLFHLQFRQYHQWLRQDO
˖ &RGLQJ &RGLQJ
'DWD$PRXQW
Ă Ă
,R71HWZRUN
FIGURE 3. Rethinking covert communications technique in the semantic Internet of Things. A novel security performance indicator,
such as detection failure probability, is proposed.
Authorized licensed use limited to: Kyunghee Univ. Downloaded on July 21,2023 at 07:21:17 UTC from IEEE Xplore. Restrictions apply.
A general design is to integrate cryptography as 0.9
an option with semantic communication systems [4].
In SIoT, if the transmitter and receiver want to hide
the information from a potential eavesdropper, the Semantic Internet of Things
0.8 Conventional
goal is to minimize the error between the transmitter
and receiver while maximizing the error between
the transmitter and eavesdropper. Following this
idea, an encrypted semantic communication system 0.7
is designed in [4]. However, the authors in [4] only
considered symmetric encryption, and related work
is still in the early stage. Moreover, an interesting 0.6
future research direction is to optimize the encryp-
tion schemes dynamically according to the semantic Increased by 69%
Detection
information of the data. Specifically, a more efficient 0.5
and sophisticated encryption scheme can be used
to protect more critical semantic information.
0.4
New Security Issues
In this section, we discuss the new security issues
arising from the introduction of semantic commu-
0.3
nication techniques in the IoT. 100% 90% 80% 70% 60% 50% 40% 30% 20% 10%
Ratio of the Data Volume of Semantic Information to that of the Source Message
Semantic Attack in SIoT Network
Unlike the bit streams transmitted in convention- FIGURE 4. The detection failure probability versus the ratio of the data volume
al IoT, the semantic information in SIoT is largely of semantic information to that of the source message, in the SIoT and con-
task-related and dependent on the design of the ventional IoT, respectively. The DEP is 95 percent, the covert rate is 20 bit/s/
semantic encoder and decoder. However, a vari- Hz, the bandwidth is 5 MHz, and the warden detects the wireless environ-
ety of error-correcting coding methods have been ment at a frequency of twice per second.
designed to correct bit errors; methods that can
reduce semantic noise have rarely been investigat-
ed. Semantic noise in communication is defined as lect some images with snowy mountain as semantic
a type of disturbance caused by misunderstandings information to build a virtual object. The attacker
about the meaning of messages, which cause a can change some pixels in an irrelevant image to
mismatch between the source message and the make the semantic information of the irrelevant
obtained information by semantic encoding [5, 6]. image very close to snowy mountain. Therefore,
The semantic noise can have a small or large the loss function could be the cosine similarity of
impact on system performance. For example, the semantic vectors of the irrelevant pictures and
because of the small deviation of the text semantic the snowy mountain pictures. As shown in Fig. 5, as
vectors, the receiver decodes “bike” into “bicycle” the number of iterations increases, the semantic sim-
when recovering the text message. The receiver’s ilarity of the two images gradually increases. If the
judgment will not be affected. However, the distur- digital twin service provider cannot correctly detect
bance of some semantic information may seriously the semantic tampered images, its database will be
affect the communication system. For example, if the contaminated. Therefore, this type of attack can
images are incorrectly semantic encoded and upload- be called semantic data poisoning attack. Such a
ed to a dataset, the quality of the artificial intelligence semantic tampering approach can also be used for
model trained by the dataset may be affected. man-in-the-middle attacks. A malicious intermediate
In the SIoT, some semantic noise is naturally node capable of intercepting the wireless commu-
present, for example, different users have different nication channel can replace the images to be trans-
interpretations of the same word and require better mitted, without affecting the semantic information.
semantic encoding and decoding design to over- Untargeted Semantic Attack: Similar to the
come. However, some semantic noise is generated approach of the target semantic attack, but with a
by attackers with the aim of disrupting the semantic different objective function, the aim of the untar-
communication system. For source messages in text geted semantic attack is to minimize the similarity
form, synonym substitution or reversing the order of between the semantic information of the tampered
certain letters may cause the deep learning-based source message and its true semantic information.
semantic model to misinterpret the semantics of the In this case, the devices in the SIoT are unable to
sentence. For source messages in image form, only perform properly the semantic encoding of the mali-
by changing some pixels in an image, the semantic ciously tampered source message. For example, the
information extracted by a well pre-trained semantic semantic feature of the attack image in Fig. 5 is not
encoder can be completely inconsistent with the iterating to be closer to the “snowy mountain,” but
real content of the image [12]. Regardless of the as far from the “baseball player” as possible.
modality of the source message, the goal of the
semantic attack can vary and corresponds to differ- Defense Methods
ent loss function optimization. Training-Based Defense: By considering that a
Targeted Semantic Attack: The goal is to gen- large part of the semantic communication encod-
erate semantic tampered source messages with a ers and decoders are functioned by deep learning
given target semantic information. Here, the target methods, a feasible solution to reduce semantic
semantic information is the semantic information noise is to improve the robustness of semantic
that the receiver in the SIoT wants to receive. For models during the training process. Specifically,
example, a digital twin service provider wants to col- there have been some training-based methods,
Authorized licensed use limited to: Kyunghee Univ. Downloaded on July 21,2023 at 07:21:17 UTC from IEEE Xplore. Restrictions apply.
FIGURE 5. The targeted semantic attack approach. The experimental platform for running the attack algorithm is built on a generic Ubun-
tu 20.04 system with a AMD Ryzen Threadripper PRO 3975WX 32-Cores CPU and a NVIDIA RTX A5000 GPU.
for example, defensive distillation [13], weight opment of machine learning (ML) technologies,
perturbation [14], and adversarial training [15]. especially deep learning, which has shown signif-
Although several approaches have been made icant advantages in various applications. Most of
to improve model robustness using adversarial them, however, are often unable to explain their
samples in natural language and image processing decisions and actions during the operation process,
[15], semantic noise-resistant models in wireless triggering the research on explainable artificial intel-
communication have not been sufficiently studied. ligence (XAI). The XAI aims to provide users with
Fortunately, researchers can draw inspiration from detailed explanations of how the decision is made
existing adversarial training methods and consid- or the result is obtained. For semantic communi-
er the impact of wireless transmission in the SIoT. cations, which rely on ML, the XAI can make the
Recently, to reduce the impact of semantic noise on training of transceiver pairs change from black box
the system, a masked vector quantized-variational to white box, making the training process clearer
autoencoder (VQ-VAE) is developed as the robust and easier to understand. Such an improvement
semantic communication system [5]. To improve the allows semantic communication system design-
system robustness, a feature importance module is ers to identify and fix potential vulnerabilities or
proposed to suppress noise-related and task-indepen- threats and helps users understand and trust these
dent features. It is shown that the proposed masked semantic communications better. Therefore, study-
VQ-VAE requires 0.36 percent transmitted symbols ing explainable AI-aided semantic communications
of the conventional “joint photographic experts is indispensable to improving its security.
group (JPEG) + low-density parity-check coding”
method [5], while improving the system robustness Blockchain-Aided Semantic Internet of Things Network
by reducing the impacts of semantic noise. The blockchain is a chain of blocks that store all
Training-Free Defense: Research on train- committed transactions in a decentralized and dis-
ing-free defense methods remains to be developed. tributed network. Unlike the conventional ways, the
There are different defense methods for data with blockchain realizes the peer-to-peer digital assets
different modalities. Taking image data as an exam- transfer without any intermediaries, and the features
ple, a possible defense solution is to use the visual of decentralization, immutability, audit-ability, and
invariance of the semantic tampered images for transparency drive the transactions’ security. Consid-
correct semantic extraction. As shown in Fig. 5, ering the above advantages, the stored and shared
although the semantic similarity between the two transaction information in the blockchain can be
images is high for a semantic encoder, the human replaced with semantic information that needs to
eye can easily see the difference between them. be transmitted. In this way, not only the storage con-
The reason is that only some pixels in the attack sumption of the blockchain is reduced, but also, the
image have been adjusted. Inspired by this, we try decentralized blockchain verification mechanism
to blur both images by using Gaussian method, and would further improve the security of semantic con-
find that the semantic similarity between them can tent. Therefore, how to better integrate blockchain
be reduced from 0.987 to 0.78 without retraining and the SIoT is also worthy of further study.
the semantic model. As a future research direction,
more pre-processing solutions could be investigat- Secure Semantic Communications for Metaverse
ed to defend against this kind of semantic attack. To provide an ideal immersive experience for users
in Metaverse, the data that describes the user and
Future Direction physical world must be transmitted to the virtual
world efficiently and accurately. Semantic commu-
Explainable AI-Aided Semantic Communications nication is one of the best-suited techniques for this
The past few years have witnessed the rapid devel- task. Considering the data characteristics and appli-
Authorized licensed use limited to: Kyunghee Univ. Downloaded on July 21,2023 at 07:21:17 UTC from IEEE Xplore. Restrictions apply.
The Role of Physical Layer Security,” IEEE Commun. Stand. From a system point
cations’ requirements, it is vital to study semantic Mag., vol. 6, no. 1, Jan 2022, pp. 102–08.
communication security. From a system point of [4] X. Luo et al., “Encrypted Semantic Communication Using of view, the seman-
view, the semantic-aware encryption technology Adversarial Training for Privacy Preserving,” arXiv preprint tic-aware encryption
should be developed further to protect the data arXiv:2209.09008, 2022.
[5] Q. Hu et al., “Robust Semantic Communications With technology should
privacy. From the user perspective, the shared data Masked VQ-VAE Enabled Codebook,” arXiv preprint
could be protected by using advanced privacy-pre- be developed further
arXiv:2206.04011, 2022.
serving machine learning algorithms, for example, [6] W. Yang et al., “Semantic Communications for Future Inter- to protect the data
federated learning. Additionally, some legal pro- net: Fundamentals, Applications, and Challenges,” IEEE Com- privacy. From the user
mun. Surveys Tuts., to appear, 2022.
tections, such as privacy laws and data protection [7] A. Mukherjee et al., “Principles of Physical Layer Security in perspective, the shared
regulations, are indispensable. Multiuser Wireless Networks: A Survey,” IEEE Commun. Surv. data could be protect-
Tut., vol. 16, no. 3, Mar. 2014, pp. 1550–73.
Conclusion [8] H. Xie, Z. Qin, and G. Y. Li, “Task-Oriented Multi-User
Semantic Communications for VQA,” IEEE Wireless Com-
ed by using advanced
privacy-preserving
Considering the new features of the SIoT com- mun. Lett., vol. 11, no. 3, Mar. 2021, pp. 553–57.
pared to the conventional IoT, we rethought three [9] I. Makhdoom, M. Abolhasan, and J. Lipman, “A Comprehen- machine learning algo-
wireless communication security techniques, such sive Survey of Covert Communication Techniques, Limitations rithms, for example,
as PLS, covert communications, and encryption. and Future Challenges,” Comput. Secur., 2022, p. 102784.
[10] O. Rioul and J. C. Magossi, “On Shannon’s Formula and federated learning.
We discussed the characteristics of each technol- Hartley’s Rule: Beyond the Mathematical Coincidence,”
ogy when applied in SIoT. Specifically, the security Additionally, some legal
Entropy, vol. 16, no. 9, Sept. 2014, pp. 4892–4910.
enhancement that PLS can bring to the network [11] T.-X. Zheng et al., “Wireless Covert Communications Aided protections, such as
is further improved because of the encryption by Distributed Cooperative Jamming Over Slow Fading privacy laws and data
Channels,” IEEE Trans. Wireless Commun., vol. 20, no. 11,
characteristics of semantic information. In addi- Nov. 2021, pp. 7026–39. protection regulations,
tion, because semantic information with fewer bits [12] C. Szegedy et al., “Intriguing Properties of Neural Net- are indispensable.
can be transmitted faster than the source message, works,” Proc. Int’l. Conf. Learn. Represent., 2014.
the difficulty of achieving covert communications [13] N. Papernot et al., “Distillation as a Defense to Adversarial
Perturbations Against Deep Neural Networks,” Proc. IEEE
is reduced. To show these two new characteris- Symp. Secur. Priv., 2016, pp. 582–97.
tics, we proposed two new indicators: SSOP and [14] D. Wu, S.-T. Xia, and Y. Wang, “Adversarial Weight Pertur-
DFP. Lastly, we discussed new attacks and defense bation Helps Robust Generalization,” Proc. Adv. Neural Inf.
schemes that have emerged at the semantic level. Process. Syst., vol. 33, 2020, pp. 2958–69.
[15] Y. Bai et al., “Improving Adversarial Robustness via
We foresee that the combination of semantic com- Channel-Wise Activation Suppressing,” arXiv preprint
munications and classical security techniques will arXiv:2103.08307, 2021.
revolutionize the architecture of communication
networks, bringing new inspiration to the two most Biographies
Hongyang Du is working toward his Ph.D. at the School of
important dimensions of performance and security. Computer Science and Engineering, the Energy Research Institute
@ NTU, Interdisciplinary Graduate Program, Nanyang Technolog-
Acknowledgment ical University, Singapore. His research interests include semantic
This work was supported by NSFC under grant communications, Metaverse, and communication theory.
no. 62102099 and U22A2054, and the Pearl Jiacheng Wang is a Research Associate in Computer Science
River Talent Recruitment Program under Grant and Engineering at Nanyang Technological University, Singapore.
2021QN02S643, in part by the National Research Prior to that, he received his Ph.D. at the School of Communi-
Foundation (NRF), Singapore and Infocomm Media cation and Information Engineering, Chongqing University of
Posts and Telecommunications, Chongqing, China. His research
Development Authority under the Future Com- interests include wireless sensing and semantic communications.
munications Research Development Programme
(FCP), and DSO National Laboratories under the Dusit Niyato is a Professor at the School of Computer Science
AI Singapore Programme (AISG Award No: AISG2- and Engineering, at Nanyang Technological University, Singapore.
He received his Ph.D. in electrical and computer engineering
RP-2020-019), under Energy Research Test-Bed and from the University of Manitoba, Canada, in 2008. His research
Industry Partnership Funding Initiative, part of the interests are in the areas of sustainability, edge intelligence,
Energy Grid (EG) 2.0 programme, and under Des- decentralized machine learning, and incentive mechanism design.
Cartes and the Campus for Research Excellence
Jiawen Kang received his Ph.D. from the Guangdong Univer-
and Technological Enterprise (CREATE) programme, sity of Technology, China, in 2018. He has been a postdoc at
in part by the National Research Foundation Nanyang Technological University, Singapore from 2018 to
(NRF) and Infocomm Media Development Author- 2021. He currently is a Full Professor at Guangdong University
ity under the Future Communications Research of Technology, China. His research interests focus on block-
chain, security, and privacy protection.
Development Programme (FCP). The research is
also supported by the SUTD SRG-ISTD-2021-165, Zehui Xiong is an Assistant Professor at Singapore University of
the SUTD-ZJU IDEA Grant (SUTD-ZJU (VP) Technology and Design, and an Honorary Adjunct Senior Research
202102), and the Ministry of Education, Singapore, Scientist with Alibaba-NTU Singapore Joint Research Institute, Sin-
gapore. He received his Ph.D. at Nanyang Technological University
under its SUTD Kickstarter Initiative (SKI 20210204), (NTU), Singapore. His research interests include wireless communi-
in part by the National Research Foundation of cations, blockchain, edge intelligence, and Metaverse.
Korea (NRF) Grant funded by the Korean Govern-
ment (MSIT) under Grant 2021R1A2C2007638 and Mohsen Guizan is currently a Professor of Machine Learning and
the Associate Provost at Mohamed Bin Zayed University of Artifi-
the MSIT under the ICT Creative Consilience pro- cial Intelligence (MBZUAI), Abu Dhabi, UAE. His research interests
gram (IITP-2020-0-01821) supervised by the IITP. include applied machine learning, artificial intelligence, Internet of
Things, smart city, and cybersecurity. He was elevated to the IEEE
References Fellow in 2009 and was listed as a Clarivate Analytics Highly Cited
[1] W. Xu et al., “Edge Learning for B5G Networks With Dis- Researcher in Computer Science in 2019, 2020 and 2021.
tributed Signal Processing: Semantic Communication,
Edge Computing, and Wireless Sensing,” arXiv preprint Dong In Kim received his Ph.D. in electrical engineering from
arXiv:2206.00422, 2022. the University of Southern California, Los Angeles, CA, USA,
[2] Z. Yang et al., “Energy-Efficient Wireless Communications With in 1990. He is a Professor with the College of Information and
Distributed Reconfigurable Intelligent Surfaces,” IEEE Trans. Communication Engineering, Sungkyunkwan University, Suwon,
Wireless Commun., vol. 21, no. 1, Jan. 2021, pp. 665–79. South Korea. His research interests include Internet of Things,
[3] A. Chorti et al., “Context-Aware Security for 6G Wireless: wireless power transfer, and connected intelligence.
Authorized licensed use limited to: Kyunghee Univ. Downloaded on July 21,2023 at 07:21:17 UTC from IEEE Xplore. Restrictions apply.