Unveiling the Threat: Data-Free Backdoor Attacks on Pre-Trained Models for RF Fingerprinting
Article
Zhao, T, Zhang, J, Dai, J et al. (2025). Unveiling the Threat: Data-Free Backdoor Attacks on Pre-Trained Models for RF Fingerprinting
. IEEE TRANSACTIONS ON MOBILE COMPUTING, 10.1109/TMC.2025.3628527
Zhao, T, Zhang, J, Dai, J et al. (2025). Unveiling the Threat: Data-Free Backdoor Attacks on Pre-Trained Models for RF Fingerprinting
. IEEE TRANSACTIONS ON MOBILE COMPUTING, 10.1109/TMC.2025.3628527
While supervised deep neural networks (DNNs) have proven effective for device authentication via radio frequency (RF) fingerprinting, they are hindered by domain shift issues and the scarcity of labeled data. The success of large language models has led to increased interest in self-supervised pre-trained models (PTMs), which offer better generalization and do not require labeled datasets, potentially addressing the issues mentioned above. However, the inherent vulnerabilities of PTMs in RF fingerprinting remain insufficiently explored. In this paper, we unveil the potential threat by thoroughly investigating data-free backdoor attacks on such PTMs for RF fingerprinting, focusing on a practical scenario where attackers lack access to downstream data, label information, and training processes. To realize the backdoor attack, we carefully design a set of triggers and predefined output representations (PORs) for the PTMs. By mapping triggers and PORs through backdoor training, we can implant backdoor behaviors into the PTMs, thereby introducing vulnerabilities across different downstream RF fingerprinting tasks without requiring prior knowledge. Extensive experiments demonstrate the wide applicability of our proposed backdoor attack to various input domains, protocols, and PTMs. Furthermore, we explore potential detection and defense methods, illustrating the difficulty of fully safeguarding against our proposed data-free backdoor attack.
