Adversarial Medical Image With Hierarchical Feature Hiding
文献类型:期刊论文
| 作者 | Yao, Qingsong1,2; He, Zecheng3; Li, Yuexiang4,5; Lin, Yi6; Ma, Kai4; Zheng, Yefeng4; Zhou, S. Kevin7,8,9 |
| 刊名 | IEEE TRANSACTIONS ON MEDICAL IMAGING
 |
| 出版日期 | 2024-04-01 |
| 卷号 | 43期号:4页码:1296-1307 |
| 关键词 | Security in machine learning adversarial attacks and defense |
| ISSN号 | 0278-0062 |
| DOI | 10.1109/TMI.2023.3335098 |
| 英文摘要 | Deep learning based methods for medical images can be easily compromised by adversarial examples (AEs), posing a great security flaw in clinical decision-making. It has been discovered that conventional adversarial attacks like PGD which optimize the classification logits, are easy to distinguish in the feature space, resulting in accurate reactive defenses. To better understand this phenomenon and reassess the reliability of the reactive defenses for medical AEs, we thoroughly investigate the characteristic of conventional medical AEs. Specifically, we first theoretically prove that conventional adversarial attacks change the outputs by continuously optimizing vulnerable features in a fixed direction, thereby leading to outlier representations in the feature space. Then, a stress test is conducted to reveal the vulnerability of medical images, by comparing with natural images. Interestingly, this vulnerability is a double-edged sword, which can be exploited to hide AEs. We then propose a simple-yet-effective hierarchical feature constraint (HFC), a novel add-on to conventional white-box attacks, which assists to hide the adversarial feature in the target feature distribution. The proposed method is evaluated on three medical datasets, both 2D and 3D, with different modalities. The experimental results demonstrate the superiority of HFC, i.e., it bypasses an array of state-of-the-art adversarial medical AE detectors more efficiently than competing adaptive attacks, which reveals the deficiencies of medical reactive defense and allows to develop more robust defenses in future. |
| WOS研究方向 | Computer Science ; Engineering ; Imaging Science & Photographic Technology ; Radiology, Nuclear Medicine & Medical Imaging |
| 语种 | 英语 |
| WOS记录号 | WOS:001196733400025 |
| 出版者 | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC |
| 源URL | [http://119.78.100.204/handle/2XEOYT63/39886]  |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Zhou, S. Kevin |
| 作者单位 | 1.Univ Chinese Acad Sci, Beijing, Peoples R China 2.Chinese Acad Sci, Inst Comp Technol, Beijing 10045, Peoples R China 3.Meta Real Labs, Burlingame, CA 94010 USA 4.Jarvis Res Ctr, Tencent YouTu Lab, Shenzhen 518057, Peoples R China 5.Guangxi Med Univ, Guangxi Key Lab Genom & Personalized Med, Med AI ReS MARS Grp, Nanning 530021, Peoples R China 6.Hong Kong Univ Sci & Technol, Dept Comp Sci & Engn, Hong Kong, Peoples R China 7.Univ Sci & Technol China, Sch Biomed Engn, Hefei 230026, Peoples R China 8.Univ Sci & Technol China, Suzhou Inst Adv Res, Hefei 230026, Peoples R China 9.Chinese Acad Sci, Inst Comp Technol, Beijing 100045, Peoples R China |
| 推荐引用方式 GB/T 7714 | Yao, Qingsong,He, Zecheng,Li, Yuexiang,et al. Adversarial Medical Image With Hierarchical Feature Hiding[J]. IEEE TRANSACTIONS ON MEDICAL IMAGING,2024,43(4):1296-1307. |
| APA | Yao, Qingsong.,He, Zecheng.,Li, Yuexiang.,Lin, Yi.,Ma, Kai.,...&Zhou, S. Kevin.(2024).Adversarial Medical Image With Hierarchical Feature Hiding.IEEE TRANSACTIONS ON MEDICAL IMAGING,43(4),1296-1307. |
| MLA | Yao, Qingsong,et al."Adversarial Medical Image With Hierarchical Feature Hiding".IEEE TRANSACTIONS ON MEDICAL IMAGING 43.4(2024):1296-1307. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。