CITADEL: CSI-Based Jamming Detection and Open-Set Classification for IIoT Networks
Pith reviewed 2026-06-26 08:29 UTC · model grok-4.3
The pith
CITADEL uses only native CSI measurements in a two-stage pipeline to detect known jamming at 100 percent, zero-day attacks at 97.1 percent, and resist evasion at 0.4 percent false positive rate.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
CITADEL is the first end-to-end pipeline that converts CSI jamming signatures into closed-set classification of known attacks, open-set detection of zero-day attacks, and resistance to gradient-based and generator-based evasion, all while running on commodity IIoT devices at 100 percent known-attack detection, 97.1 percent zero-day detection, and 0.4 percent false positive rate.
What carries the argument
two-stage hierarchical pipeline that processes Channel State Information measurements first for detection then for classification and open-set rejection
If this is right
- IIoT gateways can run continuous jamming monitoring using only existing CSI reports without added radios or spectrum analyzers.
- Network operators gain a single model that handles both catalogued attacks and novel jamming without retraining for every new waveform.
- Edge devices can enforce the full pipeline at 14 milliseconds and under 100 millijoules, fitting within typical IIoT power and latency budgets.
- Systematic comparison shows no prior CSI method simultaneously meets the three requirements of detection accuracy, generalization to unseen attacks, and evasion resistance.
- The pipeline supplies concrete numerical targets (100 percent known, 97.1 percent unseen, under 2 percent evasion) against which future CSI-based defenses can be measured.
Where Pith is reading between the lines
- If CSI signatures remain stable across different hardware vendors and firmware versions, the same pipeline could be deployed across heterogeneous IIoT fleets without per-device retraining.
- The open-set component could be extended to other wireless threats such as spoofing or selective forwarding by swapping only the final rejection stage.
- Long-term operation would require periodic retraining on newly observed normal traffic to keep the false-positive floor near 0.4 percent as the environment drifts.
Load-bearing premise
The six known attack types and fifteen zero-day scenarios plus the white-box and black-box evasion tests stand in for the jamming threats and evasion attempts that would appear in real operational IIoT deployments.
What would settle it
A deployment trial on a live IIoT network that introduces jamming waveforms outside the fifteen zero-day cases and records detection below 90 percent or evasion above 10 percent would falsify the performance claims.
Figures
read the original abstract
Radio frequency jamming poses a critical threat to the availability of wireless Industrial Internet of Things (IIoT) networks. Existing detection and classification techniques are poorly suited to this setting: coarse signal-strength and cross-layer features lack information richness, while raw I/Q baseband approaches require hardware and throughput that is impractical at the scale of hundred-node IIoT deployments. This paper presents CITADEL, a lightweight two-stage hierarchical pipeline that uses only Channel State Information (CSI) measurements, which are natively available on commodity IIoT devices, to detect and classify jamming attacks including previously unseen ones. While prior work has shown that jamming leaves observable CSI signatures, CITADEL is the first system to translate this insight into an end-to-end pipeline that jointly achieves closed-set classification of known attacks, open-set detection of zero-day attacks, and resistance to adversarial evasion. Evaluated across 6 known attack types and 15 zero-day scenarios, CITADEL achieves 100% known-attack detection and 97.1% zero-day detection at a 0.4% end-to-end false positive rate. Under adversarial evaluation spanning white-box and black-box threat models, gradient-based evasion remains below 2% across all tested perturbation budgets and the strongest published CSI attack generator achieves less than 5% average evasion. A systematic comparison against eight baselines confirms that no existing method achieves comparable performance on CSI data across all three axes: detection, generalization, and robustness. The full pipeline completes inference in 14.2 ms at 95.9 mJ on an edge GPU, establishing CITADEL as a practical solution for large-scale IIoT network security.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper presents CITADEL, a lightweight two-stage hierarchical pipeline that uses native Channel State Information (CSI) from commodity IIoT devices to detect and classify radio-frequency jamming attacks. It claims to be the first system to jointly perform closed-set classification of known attacks, open-set detection of zero-day attacks, and resistance to adversarial evasion, reporting 100% known-attack detection and 97.1% zero-day detection at a 0.4% end-to-end false positive rate across 6 known attack types and 15 zero-day scenarios, with gradient-based evasion below 2% and comparison against eight baselines, while running in 14.2 ms at 95.9 mJ on an edge GPU.
Significance. If the results hold, the work would be significant for demonstrating a practical, commodity-hardware approach to IIoT jamming defense that integrates closed-set classification, open-set generalization, and adversarial robustness in a single efficient pipeline, addressing limitations of prior signal-strength or I/Q-based methods.
major comments (2)
- [Evaluation section] Evaluation section (abstract and experimental results): The central performance claims (100% known-attack detection, 97.1% zero-day at 0.4% FPR) and the joint closed-set + open-set + robustness assertions are load-bearing on the representativeness of the fixed corpus of 6 known attack types and 15 zero-day scenarios. No analysis is provided showing that these scenarios exhaustively sample the threat space or that CSI signatures remain invariant under untested parameters such as varying power levels, duty cycles, frequency agility, or coordinated multi-node attacks; this directly limits the strength of the generalization and robustness conclusions.
- [Adversarial evaluation] Adversarial evaluation (abstract): The claim that the strongest published CSI attack generator achieves less than 5% average evasion is presented without detailing the specific threat models, perturbation budgets, or how the white-box and black-box evaluations map to operational IIoT constraints, which is necessary to substantiate the resistance claim.
minor comments (2)
- The abstract states quantitative results but defers all methods, dataset descriptions, and statistical validation to the body; a brief methods summary in the abstract would improve accessibility.
- Notation for the two-stage pipeline and open-set threshold could be clarified with a diagram or explicit equations in the methods section.
Simulated Author's Rebuttal
We thank the referee for the constructive feedback. We respond point-by-point to the major comments below.
read point-by-point responses
-
Referee: [Evaluation section] Evaluation section (abstract and experimental results): The central performance claims (100% known-attack detection, 97.1% zero-day at 0.4% FPR) and the joint closed-set + open-set + robustness assertions are load-bearing on the representativeness of the fixed corpus of 6 known attack types and 15 zero-day scenarios. No analysis is provided showing that these scenarios exhaustively sample the threat space or that CSI signatures remain invariant under untested parameters such as varying power levels, duty cycles, frequency agility, or coordinated multi-node attacks; this directly limits the strength of the generalization and robustness conclusions.
Authors: We agree that the evaluation relies on a fixed set of 6 known attack types and 15 zero-day scenarios without explicit analysis demonstrating exhaustive coverage of the threat space or invariance under all untested parameters (e.g., power levels, duty cycles, frequency agility, coordinated attacks). These scenarios were selected to span representative categories from the literature, but we acknowledge this does not prove exhaustiveness. In revision we will add a limitations subsection that explicitly discusses the scope of the corpus, the rationale for selection, and the implications for generalization claims, thereby tempering the assertions without new experiments. revision: partial
-
Referee: [Adversarial evaluation] Adversarial evaluation (abstract): The claim that the strongest published CSI attack generator achieves less than 5% average evasion is presented without detailing the specific threat models, perturbation budgets, or how the white-box and black-box evaluations map to operational IIoT constraints, which is necessary to substantiate the resistance claim.
Authors: The full manuscript contains a dedicated adversarial evaluation section that specifies the white-box and black-box threat models, the perturbation budgets examined, and their relation to IIoT operational constraints. The abstract condenses these results. To improve clarity at the summary level we will revise the abstract to briefly reference the evaluated threat models and budgets. revision: yes
Circularity Check
No circularity: empirical system evaluation with no derivations or self-referential predictions
full rationale
The paper describes an empirical ML pipeline for CSI-based jamming detection and classification, evaluated on a fixed corpus of 6 known + 15 zero-day attack scenarios plus adversarial tests. No equations, parameter fits, or predictions are presented that reduce to the inputs by construction. Performance numbers (100% known-attack detection, 97.1% zero-day at 0.4% FPR) are reported experimental outcomes on the chosen data, not tautological renamings or self-citation chains. The representativeness concern is a generalizability issue, not circularity in the derivation chain.
Axiom & Free-Parameter Ledger
Forward citations
Cited by 1 Pith paper
-
CSI Simulation: Why Additive Noise Fails and How to Fix It
AWGN fails to simulate CSI perturbations due to multiplicative AGC compression; M_QTC quantile model reduces amplitude error 8-fold, closes 89% fidelity gap, and recovers 93% of real-data jamming detection performance.
Reference graph
Works this paper leans on
-
[1]
Security and privacy chal- lenges in industrial Internet of Things,
A.-R. Sadeghi, C. Wachsmann, and M. Waidner, “Security and privacy chal- lenges in industrial Internet of Things, ” inProceedings of the 52nd Annual Design CITADEL: CSI-Based Jamming Detection and Open-Set Classification for IIoT Networks Automation Conference. ACM, 2015, pp. 1–6
2015
-
[2]
Challenges and op- portunities in securing the industrial Internet of Things,
M. Serror, S. Hack, M. Henze, M. Schuba, and K. Wehrle, “Challenges and op- portunities in securing the industrial Internet of Things, ”IEEE Transactions on Industrial Informatics, vol. 17, no. 5, pp. 2985–2996, 2021
2021
-
[3]
Cybersecurity of indus- trial cyber-physical systems: A review,
H. Kayan, M. Nunes, O. Rana, P. Burnap, and C. Perera, “Cybersecurity of indus- trial cyber-physical systems: A review, ”ACM Computing Surveys, vol. 54, no. 11s, pp. 1–35, 2022
2022
-
[4]
The feasibility of launching and detecting jamming attacks in wireless networks,
W. Xu, W. Trappe, Y. Zhang, and T. Wood, “The feasibility of launching and detecting jamming attacks in wireless networks, ” inProceedings of the 6th ACM International Symposium on Mobile Ad Hoc Networking and Computing . ACM, 2005, pp. 46–57
2005
-
[5]
Jamming attacks and anti-jamming strategies in wireless networks: A comprehensive survey,
H. Pirayesh and H. Zeng, “Jamming attacks and anti-jamming strategies in wireless networks: A comprehensive survey, ”IEEE Communications Surveys & Tutorials, vol. 24, no. 2, pp. 767–809, 2022
2022
-
[6]
JamRF: Performance analysis, evaluation, and implementation of RF jamming over Wi-Fi,
A. S. Ali, M. Baddeley, L. Bariah, M. Andreoni Lopez, W. T. Lunardi, J.-P. Giacalone, and S. Muhaidat, “JamRF: Performance analysis, evaluation, and implementation of RF jamming over Wi-Fi, ”IEEE Access, vol. 10, pp. 133 370–133 384, 2022
2022
-
[7]
German steel mill cyber attack,
R. M. Lee, M. J. Assante, and T. Conway, “German steel mill cyber attack, ”Indus- trial Control Systems, vol. 30, no. 62, pp. 1–15, 2014
2014
-
[8]
Outage and asset damage triggered by malicious manipulation of the control system in process plants,
M. Iaiani, A. Tugnoli, P. Macini, and V. Cozzani, “Outage and asset damage triggered by malicious manipulation of the control system in process plants, ” Reliability Engineering & System Safety , vol. 213, p. 107685, 2021
2021
-
[9]
An experimental security analysis of an industrial robot controller,
D. Quarta, M. Pogliani, M. Polino, F. Maggi, A. M. Zanchettin, and S. Zanero, “An experimental security analysis of an industrial robot controller, ” in2017 IEEE Symposium on Security and Privacy (SP) . IEEE, 2017, pp. 268–286
2017
-
[10]
Jamming detection in IoT wireless networks: An edge-AI based approach,
A. Hussain, N. Abughanam, J. Qadir, and A. Mohamed, “Jamming detection in IoT wireless networks: An edge-AI based approach, ” inProceedings of the 12th International Conference on the Internet of Things . ACM, 2023, pp. 57–64
2023
-
[11]
Machine learning-based jamming detection for IEEE 802.11: Design and experimental evaluation,
O. Puñal, I. Aktas, C.-J. Schnelke, G. Abidin, K. Wehrle, and J. Gross, “Machine learning-based jamming detection for IEEE 802.11: Design and experimental evaluation, ” in2014 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2014, pp. 1–10
2014
-
[12]
Multi-stage jamming attacks detection using deep learning combined with kernelized support vector machine in 5G cloud radio access networks,
M. Hachimi, G. Kaddoum, G. Gagnon, and P. Illy, “Multi-stage jamming attacks detection using deep learning combined with kernelized support vector machine in 5G cloud radio access networks, ” in2020 International Symposium on Networks, Computers and Communications (ISNCC) , 2020, pp. 1–5
2020
-
[13]
JamShield: A machine learning detection system for over-the-air jamming attacks,
I. Panitsas, Y. Yigit, L. Tassiulas, L. Maglaras, and B. Canberk, “JamShield: A machine learning detection system for over-the-air jamming attacks, ” inICC 2025 – IEEE International Conference on Communications , 2025, pp. 1067–1072
2025
-
[14]
Jamming detection in low-BER mobile indoor scenarios via deep learning,
S. Sciancalepore, F. Kusters, N. K. Abdelhadi, and G. Oligeri, “Jamming detection in low-BER mobile indoor scenarios via deep learning, ”IEEE Internet of Things Journal, vol. 11, no. 8, pp. 14 682–14 697, 2024
2024
-
[15]
Tool release: Gathering 802.11n traces with channel state information,
D. Halperin, W. Hu, A. Sheth, and D. Wetherall, “Tool release: Gathering 802.11n traces with channel state information, ”ACM SIGCOMM Computer Communica- tion Review, vol. 41, no. 1, p. 53, 2011
2011
-
[16]
ESP-CSI: Applications based on Wi-Fi CSI (Channel State Information),
Espressif Systems, “ESP-CSI: Applications based on Wi-Fi CSI (Channel State Information), ” https://github.com/espressif/esp-csi, 2021, accessed: April 2026
2021
-
[17]
Free your CSI: A channel state information extraction platform for modern Wi-Fi chipsets,
F. Gringoli, M. Schulz, J. Link, and M. Hollick, “Free your CSI: A channel state information extraction platform for modern Wi-Fi chipsets, ” inProceedings of the 13th International Workshop on Wireless Network Testbeds, Experimental Eval- uation & Characterization, 2019, pp. 21–28
2019
-
[18]
Channel state informa- tion analysis for jamming attack detection in static and dynamic UAV networks,
P. Mykytyn, R. Chitauro, Z. Dyka, and P. Langendoerfer, “Channel state informa- tion analysis for jamming attack detection in static and dynamic UAV networks, ” in 2025 21st International Conference on Distributed Computing in Smart Systems and the Internet of Things (DCOSS-IoT) , 2025, pp. 322–327
2025
-
[19]
Magmaw: Modality-agnostic adversarial attacks on machine learning-based wireless communication systems,
J.-W. Chang, K. Sun, N. Heydaribeni, S. Hidano, X. Zhang, and F. Koushanfar, “Magmaw: Modality-agnostic adversarial attacks on machine learning-based wireless communication systems, ” inProceedings of the 32nd Network and Dis- tributed System Security Symposium (NDSS) , 2025
2025
-
[20]
CSI-based location-independent human activity recognition with parallel convolutional networks,
Y. Zhang, Y. Yin, Y. Wang, J. Ai, and D. Wu, “CSI-based location-independent human activity recognition with parallel convolutional networks, ”Computer Communications, vol. 197, pp. 87–95, 2023
2023
-
[21]
Explaining and Harnessing Adversarial Examples
I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples, ” in3rd International Conference on Learning Representations (ICLR 2015), 2015. [Online]. Available: https://arxiv.org/abs/1412.6572
work page internal anchor Pith review Pith/arXiv arXiv 2015
-
[22]
Adversarial attacks on deep-learning based radio signal classification,
M. Sadeghi and E. G. Larsson, “Adversarial attacks on deep-learning based radio signal classification, ”IEEE Wireless Communications Letters , vol. 8, no. 1, pp. 213–216, 2019
2019
-
[23]
Robust adversarial attacks against DNN-based wireless communication systems,
A. Bahramali, M. Nasr, A. Houmansadr, D. Goeckel, and D. Towsley, “Robust adversarial attacks against DNN-based wireless communication systems, ” in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, 2021, pp. 126–140
2021
-
[24]
Practical adversarial attack on WiFi sensing through unnoticeable communication packet perturbation,
C. Li, M. Xu, Y. Du, L. Liu, C. Shi, Y. Wang, H. Liu, and Y. Chen, “Practical adversarial attack on WiFi sensing through unnoticeable communication packet perturbation, ” inProceedings of the 30th Annual International Conference on Mobile Computing and Networking (MobiCom) , 2024, pp. 373–387
2024
-
[25]
FENCE: Feasible evasion attacks on neural net- works in constrained environments,
A. Chernikova and A. Oprea, “FENCE: Feasible evasion attacks on neural net- works in constrained environments, ”ACM Transactions on Privacy and Security , vol. 25, no. 4, pp. 34:1–34:34, 2022
2022
-
[26]
Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples,
A. Athalye, N. Carlini, and D. Wagner, “Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples, ” inProceedings of the 35th International Conference on Machine Learning , ser. Proceedings of Machine Learning Research, vol. 80. PMLR, 2018, pp. 274–283
2018
-
[27]
ANSI/ISA-95: Enterprise-control system in- tegration,
International Society of Automation, “ANSI/ISA-95: Enterprise-control system in- tegration, ” International Standard, 2010, series of standards, Parts 1–5, published 2000–2025
2010
-
[28]
IEC 62443: Security for industrial automation and control systems,
International Electrotechnical Commission, “IEC 62443: Security for industrial automation and control systems, ” International Standard, 2018, series of standards published 2009–2023
2018
-
[29]
On evaluating adversarial robustness,
N. Carlini, A. Athalye, N. Papernot, W. Brendel, J. Rauber, D. Tsipras, I. Goodfel- low, A. Madry, and A. Kurakin, “On evaluating adversarial robustness, ” 2019
2019
-
[30]
On adaptive attacks to adver- sarial example defenses,
F. Tramèr, N. Carlini, W. Brendel, and A. Madry, “On adaptive attacks to adver- sarial example defenses, ” inAdvances in Neural Information Processing Systems , vol. 33, 2020, pp. 1633–1645
2020
-
[31]
Squeeze-and-excitation networks,
J. Hu, L. Shen, and G. Sun, “Squeeze-and-excitation networks, ” inProceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR) , 2018, pp. 7132–7141
2018
-
[32]
Auto-Encoding Variational Bayes
D. P. Kingma and M. Welling, “Auto-encoding variational Bayes, ” in 2nd International Conference on Learning Representations (ICLR 2014) , 2014. [Online]. Available: https://arxiv.org/abs/1312.6114
work page internal anchor Pith review Pith/arXiv arXiv 2014
-
[33]
U-Net: Convolutional networks for biomedical image segmentation,
O. Ronneberger, P. Fischer, and T. Brox, “U-Net: Convolutional networks for biomedical image segmentation, ” inMedical Image Computing and Computer- Assisted Intervention – MICCAI 2015 , ser. Lecture Notes in Computer Science, vol
2015
-
[34]
Springer, 2015, pp. 234–241
2015
-
[35]
Denoising diffusion probabilistic models,
J. Ho, A. Jain, and P. Abbeel, “Denoising diffusion probabilistic models, ” inAd- vances in Neural Information Processing Systems , vol. 33, 2020, pp. 6840–6851
2020
-
[36]
Diffusion mod- els for adversarial purification,
W. Nie, B. Guo, Y. Huang, C. Xiao, A. Vahdat, and A. Anandkumar, “Diffusion mod- els for adversarial purification, ” inProceedings of the 39th International Conference on Machine Learning (ICML) , ser. Proceedings of Machine Learning Research, vol. 162. PMLR, 2022, pp. 16 805–16 827
2022
-
[37]
Energy-based out-of-distribution detection,
W. Liu, X. Wang, J. D. Owens, and Y. Li, “Energy-based out-of-distribution detection, ” inAdvances in Neural Information Processing Systems , vol. 33, 2020, pp. 21 464–21 475
2020
-
[38]
A simple unified framework for detect- ing out-of-distribution samples and adversarial attacks,
K. Lee, K. Lee, H. Lee, and J. Shin, “A simple unified framework for detect- ing out-of-distribution samples and adversarial attacks, ” inAdvances in Neural Information Processing Systems, vol. 31, 2018, pp. 7167–7177
2018
-
[39]
A well-conditioned estimator for large-dimensional covariance matrices,
O. Ledoit and M. Wolf, “A well-conditioned estimator for large-dimensional covariance matrices, ”Journal of Multivariate Analysis, vol. 88, no. 2, pp. 365–411, 2004
2004
-
[40]
Mayhem firmware for PortaPack/HackRF,
PortaPack Mayhem Contributors, “Mayhem firmware for PortaPack/HackRF, ” https://github.com/portapack-mayhem/mayhem-firmware, 2024, accessed: April 2026
2024
-
[41]
Towards deep learning models resistant to adversarial attacks,
A. Madry, A. Makelov, L. Schmidt, D. Tsipras, and A. Vladu, “Towards deep learning models resistant to adversarial attacks, ” in 6th International Conference on Learning Representations (ICLR 2018) , 2018. [Online]. Available: https://openreview.net/forum?id=rJzIBfZAb
2018
-
[42]
UMAP: Uniform Manifold Approximation and Projection for Dimension Reduction
L. McInnes, J. Healy, and J. Melville, “UMAP: Uniform manifold approximation and projection for dimension reduction, ”arXiv preprint arXiv:1802.03426, 2018
work page internal anchor Pith review Pith/arXiv arXiv 2018
-
[43]
Square attack: A query-efficient black-box adversarial attack via random search,
M. Andriushchenko, F. Croce, N. Flammarion, and M. Hein, “Square attack: A query-efficient black-box adversarial attack via random search, ” in European Conference on Computer Vision (ECCV) . Springer, 2020, pp. 484–501
2020
-
[44]
HopSkipJumpAttack: A query- efficient decision-based attack,
J. Chen, M. I. Jordan, and M. J. Wainwright, “HopSkipJumpAttack: A query- efficient decision-based attack, ” inIEEE Symposium on Security and Privacy (SP) . IEEE, 2020, pp. 1277–1294
2020
-
[45]
Adversarial machine learning in network intrusion detection systems,
E. Alhajjar, P. Maxwell, and N. Bastian, “Adversarial machine learning in network intrusion detection systems, ”Expert Systems with Applications, vol. 186, p. 115782, 2021
2021
-
[46]
A baseline for detecting misclassified and out-of-distribution examples in neural networks,
D. Hendrycks and K. Gimpel, “A baseline for detecting misclassified and out-of-distribution examples in neural networks, ” in 5th International Conference on Learning Representations (ICLR 2017) , 2017. [Online]. Available: https://openreview.net/forum?id=Hkg4TI9xl
2017
-
[47]
Out-of-distribution detection with deep nearest neighbors,
Y. Sun, Y. Ming, X. Zhu, and Y. Li, “Out-of-distribution detection with deep nearest neighbors, ” inProceedings of the 39th International Conference on Machine Learning, ser. Proceedings of Machine Learning Research, vol. 162. PMLR, 2022, pp. 20 827–20 840
2022
-
[48]
Extremely simple activation shaping for out-of-distribution detection,
A. Djurisic, N. Bozanic, A. Ashok, and R. Liu, “Extremely simple activation shaping for out-of-distribution detection, ” in 11th International Conference on Learning Representations (ICLR 2023) , 2023. [Online]. Available: https: //openreview.net/forum?id=ndYXTEL6cZz
2023
-
[49]
ViM: Out-of-distribution with virtual- logit matching,
H. Wang, Z. Li, L. Feng, and W. Zhang, “ViM: Out-of-distribution with virtual- logit matching, ” inProceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) , 2022, pp. 4911–4920
2022
-
[50]
JADE: Data-driven automated jammer detection framework for opera- tional mobile networks,
C. Kilinc, M. K. Marina, M. Usama, S. Ergüt, J. Crowcroft, T. Gundogdu, and I. Akinci, “JADE: Data-driven automated jammer detection framework for opera- tional mobile networks, ” inIEEE INFOCOM 2022 – IEEE Conference on Computer Communications, 2022, pp. 1139–1148. Aymen Bouferroum et al
2022
-
[51]
LTE/LTE-A jamming, spoofing, and sniffing: Threat assessment and mitigation,
M. Lichtman, R. Piqueras Jover, M. Labib, R. M. Rao, V. Marojevic, and J. H. Reed, “LTE/LTE-A jamming, spoofing, and sniffing: Threat assessment and mitigation, ” IEEE Communications Magazine, vol. 54, no. 4, pp. 54–61, 2016
2016
-
[52]
Detecting 5G signal jammers using spectrograms with supervised and unsupervised learning,
M. Varotto, S. Valentin, and S. Tomasin, “Detecting 5G signal jammers using spectrograms with supervised and unsupervised learning, ” in2024 IEEE Inter- national Conference on Communications Workshops (ICC Workshops) , 2024, pp. 767–772
2024
-
[53]
Weak-jamming detection in IEEE 802.11 networks: Techniques, scenarios and mobility,
M. Hanegraaf, S. Sciancalepore, and G. Oligeri, “Weak-jamming detection in IEEE 802.11 networks: Techniques, scenarios and mobility, ”Computer Networks, vol. 280, p. 112160, 2026
2026
-
[54]
Spot- Light: Accurate, explainable and efficient anomaly detection for open RAN,
C. Sun, U. Pawar, M. Khoja, X. Foukas, M. K. Marina, and B. Radunovic, “Spot- Light: Accurate, explainable and efficient anomaly detection for open RAN, ” in Proceedings of the 30th Annual International Conference on Mobile Computing and Networking (MobiCom), 2024, pp. 923–937
2024
-
[55]
Exploring practical vulnerabilities of machine learning-based wireless systems,
Z. Liu, C. Xu, E. Sie, G. Singh, and D. Vasisht, “Exploring practical vulnerabilities of machine learning-based wireless systems, ” in 20th USENIX Symposium on Networked Systems Design and Implementation (NSDI) , 2023, pp. 1801–1817
2023
-
[56]
RIStealth: Practical and covert physical- layer attack against WiFi-based intrusion detection via reconfigurable intelligent surface,
Y. Zhou, C. Li, H. Chen, and Q. Zhang, “RIStealth: Practical and covert physical- layer attack against WiFi-based intrusion detection via reconfigurable intelligent surface, ” inProceedings of the 21st ACM Conference on Embedded Networked Sensor Systems (SenSys), 2024, pp. 195–208
2024
-
[57]
Phantom-CSI attacks against wireless liveness detection,
Q. He and S. Fang, “Phantom-CSI attacks against wireless liveness detection, ” in Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses. ACM, 2023, pp. 440–454
2023
-
[58]
MANDA: On adversarial example detection for network intrusion detection system,
N. Wang, Y. Chen, Y. Xiao, Y. Hu, W. Lou, and Y. T. Hou, “MANDA: On adversarial example detection for network intrusion detection system, ”IEEE Transactions on Dependable and Secure Computing , vol. 20, no. 2, pp. 1139–1153, 2023
2023
-
[59]
NIDS-DA: Detecting functionally preserved adversarial examples for network intrusion detection system using deep autoencoders,
V. Kumar, K. Kumar, M. Singh, and N. Kumar, “NIDS-DA: Detecting functionally preserved adversarial examples for network intrusion detection system using deep autoencoders, ”Expert Systems with Applications, vol. 270, p. 126513, 2025
2025
-
[60]
AdvPurRec: Strengthening network intrusion detection with diffusion model reconstruction against adversarial attacks,
N. Alhussien and A. Aleroud, “AdvPurRec: Strengthening network intrusion detection with diffusion model reconstruction against adversarial attacks, ” in Proceedings of the IEEE 23rd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) , 2024, pp. 1638–1646
2024
-
[61]
A novel multi-stage approach for hierarchical intrusion detection,
M. Verkerken, L. D’Hooge, D. Sudyana, Y.-D. Lin, T. Wauters, B. Volckaert, and F. De Turck, “A novel multi-stage approach for hierarchical intrusion detection, ” IEEE Transactions on Network and Service Management , vol. 20, no. 3, pp. 3915– 3929, 2023. A Ethical Considerations This work involves the deliberate generation of RF jamming signals, which rais...
2023
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.