nach oben

Automatic Control and Computer Sciences

Erschienen in:

01.12.2022

Adversarial Machine Learning Protection Using the Example of Evasion Attacks on Medical Images

verfasst von: E. A. Rudnitskaya, M. A. Poltavtseva

Erschienen in: Automatic Control and Computer Sciences | Ausgabe 8/2022

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

This work considers evasion attacks on machine learning (ML) systems that use medical images in their analysis. Their systematization and a practical assessment of feasibility are carried out. Existing protection techniques against ML evasion attacks are presented and analyzed. The features of medical images are given and the formulation of the problem of evasion attack protection for these images based on several protective methods is provided. The authors have identified, implemented, and tested the most relevant protection methods on practical examples: an analysis of images of patients with COVID-19.

Vorheriger Artikel Mathematical Model of the Spread of Computer Attacks on Critical Information Infrastructure

Nächster Artikel Immunization of Complex Networks: System of Differential Equations and Dynamic Variation

Ma, X., Niu, Yu., Gu, L., Wang, Yi., Zhao, Yi., Bailey, J., and Lu, F., Understanding adversarial attacks on deep learning based medical image analysis systems, Pattern Recognit., 2020, vol. 110, p. 107332. https://doi.org/10.1016/j.patcog.2020.107332CrossRef

Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists, The Washington Post, 2019. https://www.washingtonpost.com/technology/2019/04/03/hospital-viruses-fake-cancerous-nodes-ct-scans-created-by-malware-trick-radiologists/. Cited February 15, 2021.

Pitropakis, N., Panaousis, E., Giannetsos, T., Anastasiadis, E., and Loukas, G., A taxonomy and survey of attacks against machine learning, Comput. Sci. Rev., 2019, vol. 34, p. 100199. https://doi.org/10.1016/j.cosrev.2019.100199MathSciNetCrossRef

Chakraborty, A., Alam, M., Dey, V., Chattopadhyay, A., and Mukhopadhyay, D., Adversarial attacks and defences: a survey, 2018. arXiv:1810.00069 [cs.LG]

Barreno, M., Nelson, B., Sears, R., Joseph, A.D., and Tygar, J.D., Can machine learning be secure?, ASIACC-S ’06: Proc. 2006 ACM Symp. on Information, Computer and Communication Security, Taipei, Taiwan, 2006, New York: Association for Computing Machinery, 2006, pp. 16–25. https://doi.org/10.1145/1128817.1128824

Liu, Q., Li, P., Zhao, W., Cai, W., Yu, S., and Leung, V.C.M., A survey on security threats and defensive techniques of machine learning: A data driven view, IEEE Access, 2018, vol. 6, pp. 12103–12117. https://doi.org/10.1109/ACCESS.2018.2805680CrossRef

Finlayso, S.G., Bowers, J.D., Ito, J., Zittrain, J.L., Beam, A.L., and Kohane, I.S., Adversarial attacks on medical machine learning, Science, 2019, vol. 363, no. 6433, pp. 1287–1289. https://doi.org/10.1126/science.aaw4399CrossRef

Taghanaki, S.A., Das, A., Hamarneh, G., Vulnerability analysis of chest x-ray image classification against adversarial attacks, Understanding and Interpreting Machine Learning in Medical Image Computing Applications, Stoyanov, D., Taylor, Z., Kia, S.M., Eds., Lecture Notes in Computer Science, vol. 11038, Cham: Springer, 2018, pp. 87–94. https://doi.org/10.1007/978-3-030-02628-8_10CrossRef

Voynov, D.M. and Kovalev, V.A., Experimental assessment of adversarial attacks to the deep neural networks in medical image recognition, Informatika, 2019, vol. 16, no. 3, pp. 14–22.

10.

Hirano, H., Minagi, A., and Takemoto, K., Universal adversarial attacks on deep neural networks for medical image classification, BMC Med. Imaging, 2021, vol. 21, p. 9. https://doi.org/10.1186/s12880-020-00530-yCrossRef

11.

Ren, K., Zheng, T., Qin, Z., and Liu, X., Adversarial attacks and defenses in deep learning, Engineering, 2020, vol. 6, no. 3, pp. 346–360.https://doi.org/10.1016/j.eng.2019.12.012CrossRef

12.

Tramer, F., Kurakin, A., Papernot, N., Goodfellow, I., Boneh, D., and McDaniel, P., Ensemble adversarial training: attacks and defenses, 6th Int. Conf. on Learning Representations, ICLR 2018–Conf. Track Proc., Vancouver, 2018.

13.

Liu, X. and Hsieh, Cho-J., Rob-GAN: generator, discriminator, and adversarial attacker, 2019 IEEE/CVF Conf. on Computer Vision and Pattern Recognition (CVPR), Long Beach, 2019, IEEE, 2019, pp. 11226–11235. https://doi.org/10.1109/CVPR.2019.01149

14.

Xie, C., Wang, J., Zhang, Z., Ren, Z., and Yuille, A., Mitigating adversarial effects through randomization, 6th Int. Conf. on Learning Representations, ICLR 2018–Conf. Track Proc., Vancouver, 2018.

15.

Liu, X., Cheng, M., Zhang, H., and Hsieh, Cho-J., Towards robust neural networks via random self-ensemble, Computer Vision–ECCV 2018, Ferrari, V., Hebert, M., Sminchisescu, C., and Weiss, Y., Eds., Lecture Notes in Computer Science, vol. 11211, Cham: Springer, 2018, pp. 381–397. https://doi.org/10.1007/978-3-030-01234-2_23CrossRef

16.

Dhillon GS, Azizzadenesheli K, Lipton ZC, Bernstein J, Kossaifi J, Khanna A, and Anandkumar, A., Stochastic activation pruning for robust adversarial defense, 6th Int. Conf. on Learning Representations, ICLR 2018–Conf. Track Proc., Vancouver, 2018.

17.

Xu, W., Evans, D., and Qi, Y., Feature squeezing: detecting adversarial examples in deep neural networks, Network and Distributed Systems Security Symp. (NDSS), San Diego, Calif., 2018. https://doi.org/10.14722/ndss.2018.23198

18.

Samangouei, P., Kabkab, M., and Chellappa, R., Defense-GAN: protecting classifiers against adversarial attacks using generative models, 6th Int. Conf. on Learning Representations, ICLR 2018–Conf. Track Proc., Vancouver, 2018.

19.

Shen, S., Jin, G., Gao, K., and Zhang, Y., APE-GAN: Adversarial perturbation elimination with GA, 2017. arXiv:1707.05474 [cs.CV]

20.

Carlini, N. and Wagner, D., Towards evaluating the robustness of neural networks, Proc. 2017 IEEE Symp. on Security and Privacy (SP), San Jose, Calif., 2017, IEEE, 2017, pp. 39–57. https://doi.org/10.1109/SP.2017.49

21.

Meng, D. and Chen, H., MagNet: A two-pronged defense against adversarial examples, CCS ’17: Proc. 2017 ACM SIGSAC Conf. on Computer and Communications Security, Dallas, 2017, New York: Association for Computing Machinery, 2017, pp. 135–147. https://doi.org/10.1145/3133956.3134057

22.

Liao, F., Liang, M., Dong, Y., Pang, T., Hu, X., and Zhu, J., Defense against adversarial attacks using high-level representation guided denoiser, 2018 IEEE/CVF Conf. on Computer Vision and Pattern Recognition, Salt Lake City, Utah, 2018, IEEE, 2018, pp. 1778–1787. https://doi.org/10.1109/CVPR.2018.00191

23.

TensorFlow library. https://www.tensorflow.org/. Cited January 25, 2021.

24.

Curated chest X-ray image dataset for COVID-19 detection, Kaggle. https://www.kaggle.com/unaissait/curated-chest-xray-image-dataset-for-covid19?select=Curated+X-Ray+Dataset. Cited February 20, 2021.

25.

Chest Xray for COVID-19 detection, Kaggle, https://www.kaggle.com/fusicfenta/chest-xray-for-covid19-detection/. Cited February 20, 2021.

26.

COVID-19 chest X-ray image dataset, Kaggle. https://www.kaggle.com/alifrahman/covid19-chest-xray-image-dataset/. Cited February 20, 2021.

27.

COVID-19 radiography database, Kaggle. https://www.kaggle.com/tawsifurrahman/covid19-radiography-database/. Cited February 20, 2021.

28.

Zegzhda, D.P., Pavlenko, E., and Shtyrkina, A., Cybersecurity and control sustainability in digital economy and advanced production, The Economics of Digital Transformation, Devezas, T., Leitão, J., Sarygulov, A., Eds., Studies on Entrepreneurship, Structural Change and Industrial Dynamics, Cham: Springer, 2021, pp. 173–185. https://doi.org/10.1007/978-3-030-59959-1_11

29.

Dakhnovich, A., Moskvin, D., and Zegzhda, D., An approach for providing industrial control system sustainability in the age of digital transformation, IOP Conf. Ser.: Mater. Sci. Eng., 2019, vol. 497, p. 012006. https://doi.org/10.1088/1757-899X/497/1/012006

30.

Fatin, A.D., Pavlenko, E.Yu., and Poltavtseva, M.A., A survey of mathematical methods for security analysis of cyberphysical systems, Autom. Control Comput. Sci., 2020, vol. 54, no. 8, pp. 983–987. https://doi.org/10.3103/S014641162008012XCrossRef

Titel: Adversarial Machine Learning Protection Using the Example of Evasion Attacks on Medical Images
verfasst von: E. A. Rudnitskaya
M. A. Poltavtseva
Publikationsdatum: 01.12.2022
Verlag: Pleiades Publishing
Erschienen in: Automatic Control and Computer Sciences / Ausgabe 8/2022
Print ISSN: 0146-4116
Elektronische ISSN: 1558-108X
DOI: https://doi.org/10.3103/S0146411622080211

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Internationaler Motorenkongress/© [M] ATZlive | Chisnikov / Fotolia.com, Search Icon, Banner Hanser, Customer Experience/© © oatawa / Getty Images / iStock, Erdgasmotor 1.5 TGI evo von Volkswagen/© Volkswagen AG, Thorsten Mücke/© Alexandra Bachran, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade, chassis.tech plus 2023/© [M] ATZlive / TÜV SÜD PRODUCT SERVICE GMBH

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Weitere Artikel der Ausgabe 8/2022

Immunization of Complex Networks: Topology and Methods

Blockchain Technology in 5G Networks: Performance Comparison of Private and Public Blockchains

Review and Comparison of Lightweight Modifications of the AES Cipher for a Network of Low-Power Devices

Counteracting Information Threats Using Honeypot Systems Based on a Graph of Potential Attacks

Computer Network Clustering Methods in Cybersecurity Problems

Botnet Attack Detection Approach in IoT Networks

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.