语义通信旨在从源传输信息，同时将所需的含义传达到目的地。我们将发送器-接收器功能建模为自动编码器，然后是评估所传达信息的含义的任务分类器。自动编码器由位于发射机处的编码器和位于接收机处的解码器组成，编码器联合建模源编码、信道编码和调制，解码器联合建模解调、信道解码和源解码。通过用语义损失来增强重建损失，该编码器-解码器对与语义任务分类器进行交互训练。这种方法通过少量的通道使用可靠地传输压缩的特征向量，同时保持较低的语义损失。我们确定了使用深度神经网络（DNN）进行语义通信的多域安全漏洞。基于对抗性机器学习，我们引入了对这些 DNN 的测试时（有针对性和无针对性）对抗性攻击。作为计算机视觉攻击，小的扰动被注入到发射器编码器输入端的图像中。作为无线攻击，传输小扰动信号以干扰接收器解码器的输入。通过单独或联合发起这些攻击（作为多域攻击），我们表明可以改变所传输信息的语义（比传统干扰具有更大的影响），并强调了安全采用防御方法的必要性语义通信。 Semantic communication seeks to transfer information from a source while conveying a desired meaning to its destination. We model the transmitter-receiver functionalities as an autoencoder, followed by a task classifier that evaluates the meaning of the conveyed information. The autoencoder consists of an encoder at the transmitter that jointly models source coding, channel coding, and modulation, and a decoder at the receiver that jointly models demodulation, channel decoding, and source decoding. By augmenting the reconstruction loss with a semantic loss, this encoder-decoder pair is interactively trained with the semantic task classifier. This approach transfers compressed feature vectors reliably with a small number of channel uses while keeping the semantic loss low. We identify the multi-domain security vulnerabilities of using deep neural networks (DNNs) for semantic communications. Based on adversarial machine learning, we introduce test-time (targeted and non-targeted) adversarial attacks on these DNNs. As a computer vision attack, small perturbations are injected into the images at the input of the transmitter's encoder. As a wireless attack, small perturbation signals are transmitted to interfere with the input of the receiver's decoder. By launching these attacks individually or jointly (as a multi-domain attack), we show that it is possible to change the semantics of the transferred information (with larger impact than conventional jamming) and highlight the need of defense methods for the safe adoption of semantic communications.