To address semantic eavesdropping threats in semantic communications, this work pioneers the integration of artificial noise (AN) into the semantic layer security framework. We propose a plug-and-play encryption–decryption architecture based on denoising diffusion probabilistic models (DDPM): at the encoder, knowledge-aware artificial Gaussian noise (AGN) is injected; at the decoder, AGN and channel noise are jointly suppressed to achieve high-fidelity semantic reconstruction. An adversarial residual network (ARN) is designed to generate semantic-sensitive AN, elevating security from mutual information suppression to confidence-level degradation. Furthermore, we formulate an AGN power allocation optimization problem and solve it via deep deterministic policy gradient (DDPG). Experiments demonstrate that the eavesdropper’s semantic reconstruction mutual information drops by over 82%, while the legitimate receiver’s reconstructed PSNR improves by 9.6 dB—achieving both strong semantic security and high-fidelity transmission.

In this paper, AN is introduced into semantic communication systems for the first time to prevent semantic eavesdropping. However, the introduction of AN also poses challenges for the legitimate receiver in extracting semantic information. Recently, denoising diffusion probabilistic models (DDPM) have demonstrated their powerful capabilities in generating multimedia content. Here, the paired pluggable modules are carefully designed using DDPM. Specifically, the pluggable encryption module generates AN and adds it to the output of the semantic transmitter, while the pluggable decryption module before semantic receiver uses DDPM to generate the detailed semantic information by removing both AN and the channel noise. In the scenario where the transmitter lacks eavesdropper's knowledge, the artificial Gaussian noise (AGN) is used as AN. We first model a power allocation optimization problem to determine the power of AGN, in which the objective is to minimize the weighted sum of data reconstruction error of legal link, the mutual information of illegal link, and the channel input distortion. Then, a deep reinforcement learning framework using deep deterministic policy gradient is proposed to solve the optimization problem. In the scenario where the transmitter is aware of the eavesdropper's knowledge, we propose an AN generation method based on adversarial residual networks (ARN). Unlike the previous scenario, the mutual information term in the objective function is replaced by the confidence of eavesdropper correctly retrieving private information. The adversarial residual network is then trained to minimize the modified objective function. The simulation results show that the diffusion-enabled pluggable encryption module prevents semantic eavesdropping while the pluggable decryption module achieves the high-quality semantic communication.