About

Richard E. Miller is a Professor of English at Rutgers University, where he has been serving since 1993. His field of interest includes writing, and he has authored several books such as 'As if Learning Mattered: Reforming Higher Education,' 'Habits of the Creative Mind,' and 'On the End of Privacy: Dissolving Boundaries in a Screen-Centric World.' He is involved in academic activities related to writing and higher education reform, and his work encompasses exploring the habits of creative minds and the implications of privacy in a digital age.

Research topics

• Artificial Intelligence
• Computer Science
• Computer engineering
• Real-time computing
• Machine Learning
• Engineering
• Electronic engineering

Selected publications

• Reservoir-Based Distributed Machine Learning for Edge Operation

  arXiv (Cornell University) · 2021 · 1 citations

  Senior authorCorresponding
  • Computer Science
  • Computer Science
  • Artificial Intelligence

  We introduce a novel design for in-situ training of machine learning algorithms built into smart sensors, and illustrate distributed training scenarios using radio frequency (RF) spectrum sensors. Current RF sensors at the Edge lack the computational resources to support practical, in-situ training for intelligent signal classification. We propose a solution using Deepdelay Loop Reservoir Computing (DLR), a processing architecture that supports machine learning algorithms on resource-constrained edge-devices by leveraging delayloop reservoir computing in combination with innovative hardware. DLR delivers reductions in form factor, hardware complexity and latency, compared to the State-ofthe- Art (SoA) neural nets. We demonstrate DLR for two applications: RF Specific Emitter Identification (SEI) and wireless protocol recognition. DLR enables mobile edge platforms to authenticate and then track emitters with fast SEI retraining. Once delay loops separate the data classes, traditionally complex, power-hungry classification models are no longer needed for the learning process. Yet, even with simple classifiers such as Ridge Regression (RR), the complexity grows at least quadratically with the input size. DLR with a RR classifier exceeds the SoA accuracy, while further reducing power consumption by leveraging the architecture of parallel (split) loops. To authenticate mobile devices across large regions, DLR can be trained in a distributed fashion with very little additional processing and a small communication cost, all while maintaining accuracy. We illustrate how to merge locally trained DLR classifiers in use cases of interest.

  PublisherOA PDF

• Reservoir-Based Distributed Machine Learning for Edge Operation of Emitter Identification

  MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM) · 2021 · 4 citations

  Senior authorCorresponding
  • Computer Science
  • Artificial Intelligence
  • Computer Science

  This paper has several contributions, all motivated by the operational aspects of in-situ retrainable Specific Emitter Identification (SEI) for authentication of mobile emitters at the Edge, tactical or IoT. The paper first provides a review of the prior work (DLR) that uses our design of reservoir delay loops (DL) to implement low-power, high accuracy and high-reliability classifiers of signals represented as time series of samples, capable of in-situ training at the Edge. We analyze those DLR properties that enable seamless authentication of mobile emitters on a larger scale using radio frequency (RF) fingerprints. Delay loops project the SEI inputs into a space where different input classes are linearly separable, allowing the use of a linear classifier for emitter identification. Moreover, the architecture of split loops enables a more effective linear separation, constraining the number of weight coefficients, which is important for efficient integration of locally trained DLRs into a global SEI model (D-DLR). D-DLR enables mobile edge platforms to authenticate and then track emitters. To authenticate mobile devices across large regions, D-DLR is trained in a distributed fashion with very little additional processing and a small communication cost, all while maintaining accuracy. We illustrate how to merge locally trained DLR SEI classifiers, and how to reliably detect unseen emitters using a simple multi-layer perceptron to which the DLR weights have been transferred.

  PublisherDOI

• Reservoir Based Edge Training on RF Data To Deliver Intelligent and Efficient IoT Spectrum Sensors

  2021-08-01

  preprintOpen accessSenior author

  Current radio frequency (RF) sensors at the Edge lack the computational resources to support practical, in-situ training for intelligent spectrum monitoring. This is true for sensor data classification in general. We propose a solution via Deep Delay Loop Reservoir Computing (DLR), a processing architecture that supports general machine learning algorithms on compact mobile devices by leveraging delay-loop reservoir computing in combination with innovative electro-optical hardware. With both digital and photonic realizations of our design of the loops, DLR delivers reductions in form factor, hardware complexity and latency, compared to the State-of-the-Art (SoA). The main impact of the reservoir is to project the input data into a higher dimensional space of reservoir state vectors in order to linearly separate the input classes. Once the classes are well separated, traditionally complex, power-hungry classification models are no longer needed for the learning process. Yet, even with simple classifiers based on Ridge regression (RR), the complexity grows at least quadratically with the input size. Hence, the hardware reduction required for training on compact devices is in contradiction with the large dimension of state vectors. DLR employs a RR-based classifier to exceed the SoA accuracy, while further reducing power consumption by leveraging the architecture of parallel (split) loops. We present DLR architectures composed of multiple smaller loops whose state vectors are linearly combined to create a lower dimensional input into Ridge regression. We demonstrate the advantages of using DLR for two distinct applications: RF Specific Emitter Identification (SEI) for IoT authentication, and wireless protocol recognition for IoT situational awareness.

  PublisherOA PDFDOI

• Adversarial Examples in RF Deep Learning: Detection of the Attack and its Physical Robustness

  arXiv (Cornell University) · 2019-02-16 · 24 citations

  preprintOpen accessSenior author

  While research on adversarial examples in machine learning for images has been prolific, similar attacks on deep learning (DL) for radio frequency (RF) signals and their mitigation strategies are scarcely addressed in the published work, with only one recent publication in the RF domain [1]. RF adversarial examples (AdExs) can cause drastic, targeted misclassification results mostly in spectrum sensing/ survey applications (e.g. BPSK mistaken for 8-PSK) with minimal waveform perturbation. It is not clear if the RF AdExs maintain their effects in the physical world, i.e., when AdExs are delivered over-the-air (OTA). Our research on deep learning AdExs and proposed defense mechanisms are RF-centric, and incorporate physical world, OTA effects. We here present defense mechanisms based on statistical tests. One test to detect AdExs utilizes Peak-to- Average-Power-Ratio (PAPR) of the DL data points delivered OTA, while another statistical test uses the Softmax outputs of the DL classifier, which corresponds to the probabilities the classifier assigns to each of the trained classes. The former test leverages the RF nature of the data, and the latter is universally applicable to AdExs regardless of their origin. Both solutions are shown as viable mitigation methods to subvert adversarial attacks against communications and radar sensing systems.

  PublisherOA PDFDOI

• Targeted Adversarial Examples Against RF Deep Classifiers

  2019-05-15 · 69 citations

  article

  Adversarial examples (AdExs) in machine learning for classification of radio frequency (RF) signals can be created in a targeted manner such that they go beyond general misclassification and result in the detection of a specific targeted class. Moreover, these drastic, targeted misclassifications can be achieved with minimal waveform perturbations, resulting in catastrophic impact to deep learning based spectrum sensing applications (e.g. WiFi is mistaken for Bluetooth). This work addresses targeted deep learning AdExs, specifically those obtained using the Carlini-Wagner algorithm, and analyzes previously introduced defense mechanisms that performed successfully against non-targeted FGSM-based attacks. To analyze the effects of the Carlini-Wagner attack, and the defense mechanisms, we trained neural networks on two datasets. The first dataset is a subset of the DeepSig dataset, comprised of three synthetic modulations BPSK, QPSK, 8-PSK, which we use to train a simple network for Modulation Recognition. The second dataset contains real-world, well-labeled, curated data from the 2.4 GHz Industrial, Scientific and Medical (ISM) band, that we use to train a network for wireless technology (protocol) classification using three classes: WiFi 802.11n, Bluetooth (BT) and ZigBee. We show that for attacks of limited intensity the impact of the attack in terms of percentage of misclassifications is similar for both datasets, and that the proposed defense is effective in both cases. Finally, we use our ISM data to show that the targeted attack is effective against the deep learning classifier but not against a classical demodulator.

  PublisherDOI

• Mitigation of Adversarial Examples in RF Deep Classifiers Utilizing AutoEncoder Pre-training

  2019-05-01 · 4 citations

  preprintOpen access

  Adversarial examples in machine learning for images are widely publicized and explored. Illustrations of misclassifications caused by these slightly perturbed inputs are abundant and commonly known (e.g., a picture of panda imperceptibly perturbed to fool the classifier into incorrectly labeling it as a gibbon). Similar attacks on deep learning (DL) for radio frequency (RF) signals and their mitigation strategies are scarcely addressed in the published work. Yet, RF adversarial examples (AdExs) with minimal waveform perturbations can cause drastic, targeted misclassification results, particularly against spectrum sensing/survey applications (e.g. BPSK is mistaken for 8-PSK). Our research on deep learning AdExs and proposed defense mechanisms are RF-centric, and incorporate physical-world, over-the-air (OTA) effects. We herein present defense mechanisms based on pre-training the target classifier using an autoencoder. Our results validate this approach as a viable mitigation method to subvert adversarial attacks against deep learning-based communications and radar sensing systems.

  PublisherOA PDFDOI

• Adversarial Examples in RF Deep Learning: Detection and Physical Robustness

  2019-11-01 · 69 citations

  article

  While research on adversarial examples (AdExs) in machine learning for images has been prolific, similar attacks on deep learning (DL) for radio frequency (RF) signals and corresponding mitigation strategies are scarcely addressed in the published work, with only a handful of recent publications in the RF domain. With minimal waveform perturbation, RF adversarial examples (AdExs) can cause a substantial increase in misclassifications for spectrum sensing/ survey applications (e.g. ZigBee mistaken for Bluetooth). In this work, two statistical tests for AdEx detection are proposed. One statistical test leverages the peak-to-average-power ratio (PAPR) of the RF samples. The second test uses the softmax outputs of the machine learning model, which is proportional to the likelihoods the classifier assigns to each of the trained classes. The first test leverages the RF nature of the data while the latter is universally applicable to AdExs regardless of the domain. Both solutions are shown as viable mitigation methods to subvert adversarial attacks against RF waveforms, and their effectiveness is analyzed as function of the propagation channel and type of waveform.

  PublisherDOI

• AutoEncoders for Training Compact Deep Learning RF Classifiers for Wireless Protocols

  2019-07-01 · 1 citations

  preprintOpen access

  We show that compact fully connected (FC) deep learning networks trained to classify wireless protocols using a hierarchy of multiple denoising autoencoders (AEs) outperform reference FC networks trained in a typical way, i.e., with a stochastic gradient based optimization of a given FC architecture. Not only is the complexity of such FC network, measured in number of trainable parameters and scalar multiplications, much lower than the reference FC and residual models, its accuracy also outperforms both models for nearly all tested SNR values (0 dB to 50dB). Such AE-trained networks are suited for in-situ protocol inference performed by simple mobile devices based on noisy signal measurements. Training is based on the data transmitted by real devices, and collected in a controlled environment, and systematically augmented by a policy-based data synthesis process by adding to the signal any subset of impairments commonly seen in a wireless receiver.

  PublisherOA PDFDOI

• Neighborhood watch

  2012-10-15 · 113 citations

  article

  Research on smart meters has shown that fine-grained energy usage data poses privacy risks since it allows inferences about activities inside the home. While smart meter deployments are very limited, more than 40 million meters in the United States have been equipped with Automatic Meter Reading (AMR) technology over the past decades. AMR utilizes wireless communication for remotely collecting usage data from electricity, gas, and water meters. Yet to the best of our knowledge, AMR has so far received no attention from the security research community. In this paper, we conduct a security and privacy analysis of this technology. Based on our reverse engineering and experimentation, we find that the technology lacks basic security measures to ensure privacy, integrity, and authenticity of the data. Moreover, the AMR meters we examined continuously broadcast their energy usage data over insecure wireless links every 30s, even though these broadcasts can only be received when a truck from the utility company passes by. We show how this design allows any individual to monitor energy usage from hundreds of homes in a neighborhood with modest technical effort and how this data allows identifying unoccupied residences or people's routines. To cope with the issues, we recommend security remedies, including a solution based on defensive jamming that may be easier to deploy than upgrading the meters themselves.

  PublisherDOI

• On the Vulnerabilities of CSI in MIMO Wireless Communication Systems

  IEEE Transactions on Mobile Computing · 2011-08-15 · 48 citations

  article1st authorCorresponding

  Multiple-input multiple-output (MIMO) technologies are a popular choice for emerging wireless systems due to their promised gains in throughput and reliability. In order to realize any gains over traditional non-MIMO communication systems, these systems must possess accurate knowledge of the wireless channel. In this paper, we investigate strategies for disrupting MIMO communications by developing attacks that target the often overlooked, but essential, channel estimation procedure. Our study focuses on the two most popular and well-known MIMO techniques: the capacity achieving SVD-based MIMO scheme, and the Alamouti space-time block code (STBC), which spans many protocols including 802.11n, WiMAX, and 3GPP. We augment theoretical and simulation results with real-world experimentation using the USRP/GNU Radio software defined radio platform. We also present novel methodology to protect the channel estimation procedure from such attacks by embedding authentication messages into physical layer features of the transmissions.

  PublisherDOI

Frequent coauthors

• Wade Trappe

  Rutgers, The State University of New Jersey

  25 shared

• Silvija Kokalj-Filipović

  11 shared

• Wenyuan Xu

  Zhejiang University

  8 shared

• Pandurang Kamat

  8 shared

• P. Toliver

  4 shared

• Shalini Jain

  Inspiration Innovation Synergy University

  4 shared

• William P. Johnson

  4 shared

• Joshua Morman

  3 shared