Adversarial attack on deep learning-based dermatoscopic image recognition systems: Risk of misdiagnosis due to undetectable image perturbations.

Researchers

Journal

Modalities

Models

Abstract

Deep learning algorithms have shown excellent performances in the field of medical image recognition, and practical applications have been made in several medical domains. Little is known about the feasibility and impact of an undetectable adversarial attacks, which can disrupt an algorithm by modifying a single pixel of the image to be interpreted. The aim of the study was to test the feasibility and impact of an adversarial attack on the accuracy of a deep learning-based dermatoscopic image recognition system.First, the pre-trained convolutional neural network DenseNet-201 was trained to classify images from the training set into 7 categories. Second, an adversarial neural network was trained to generate undetectable perturbations on images from the test set, to classifying all perturbed images as melanocytic nevi. The perturbed images were classified using the model generated in the first step. This study used the HAM-10000 dataset, an open source image database containing 10,015 dermatoscopic images, which was split into a training set and a test set. The accuracy of the generated classification model was evaluated using images from the test set. The accuracy of the model with and without perturbed images was compared. The ability of 2 observers to detect image perturbations was evaluated, and the inter observer agreement was calculated.The overall accuracy of the classification model dropped from 84% (confidence interval (CI) 95%: 82-86) for unperturbed images to 67% (CI 95%: 65-69) for perturbed images (Mc Nemar test, P < .0001). The fooling ratio reached 100% for all categories of skin lesions. Sensitivity and specificity of the combined observers calculated on a random sample of 50 images were 58.3% (CI 95%: 45.9-70.8) and 42.5% (CI 95%: 27.2-57.8), respectively. The kappa agreement coefficient between the 2 observers was negative at -0.22 (CI 95%: -0.49–0.04).Adversarial attacks on medical image databases can distort interpretation by image recognition algorithms, are easy to make and undetectable by humans. It seems essential to improve our understanding of deep learning-based image recognition systems and to upgrade their security before putting them to practical and daily use.

Show Full Text

Adversarial attack on deep learning-based dermatoscopic image recognition systems: Risk of misdiagnosis due to undetectable image perturbations.

Researchers

Journal

Modalities

Models

Abstract

Shortcut learning in medical AI hinders generalization: method for estimating AI model generalization without external data.

Transfer Learning for Clinical Sleep Pose Detection using a Single 2D IR Camera.

ScLNet: A cornea with scleral lens OCT layers segmentation dataset and new multi-task model.

Advancing microplastic surveillance through photoacoustic imaging and deep learning techniques.

The Swin-Transformer network based on focal loss is used to identify images of pathological subtypes of lung adenocarcinoma with high similarity and class imbalance.

Management and Analysis of Sports Health Level of the Elderly Based on Deep Learning.

Leave a Reply Cancel reply

Researchers

Journal

Modalities

Models

Abstract

Similar Posts

Leave a Reply Cancel reply