Cargando…
Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition
Due to the rapid growth in artificial intelligence (AI) and deep learning (DL) approaches, the security and robustness of the deployed algorithms need to be guaranteed. The security susceptibility of the DL algorithms to adversarial examples has been widely acknowledged. The artificially created exa...
Autores principales: | , , , , , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2021
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8201392/ https://www.ncbi.nlm.nih.gov/pubmed/34200216 http://dx.doi.org/10.3390/s21113922 |
_version_ | 1783707808405913600 |
---|---|
author | Lal, Sheeba Rehman, Saeed Ur Shah, Jamal Hussain Meraj, Talha Rauf, Hafiz Tayyab Damaševičius, Robertas Mohammed, Mazin Abed Abdulkareem, Karrar Hameed |
author_facet | Lal, Sheeba Rehman, Saeed Ur Shah, Jamal Hussain Meraj, Talha Rauf, Hafiz Tayyab Damaševičius, Robertas Mohammed, Mazin Abed Abdulkareem, Karrar Hameed |
author_sort | Lal, Sheeba |
collection | PubMed |
description | Due to the rapid growth in artificial intelligence (AI) and deep learning (DL) approaches, the security and robustness of the deployed algorithms need to be guaranteed. The security susceptibility of the DL algorithms to adversarial examples has been widely acknowledged. The artificially created examples will lead to different instances negatively identified by the DL models that are humanly considered benign. Practical application in actual physical scenarios with adversarial threats shows their features. Thus, adversarial attacks and defense, including machine learning and its reliability, have drawn growing interest and, in recent years, has been a hot topic of research. We introduce a framework that provides a defensive model against the adversarial speckle-noise attack, the adversarial training, and a feature fusion strategy, which preserves the classification with correct labelling. We evaluate and analyze the adversarial attacks and defenses on the retinal fundus images for the Diabetic Retinopathy recognition problem, which is considered a state-of-the-art endeavor. Results obtained on the retinal fundus images, which are prone to adversarial attacks, are 99% accurate and prove that the proposed defensive model is robust. |
format | Online Article Text |
id | pubmed-8201392 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2021 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-82013922021-06-15 Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition Lal, Sheeba Rehman, Saeed Ur Shah, Jamal Hussain Meraj, Talha Rauf, Hafiz Tayyab Damaševičius, Robertas Mohammed, Mazin Abed Abdulkareem, Karrar Hameed Sensors (Basel) Article Due to the rapid growth in artificial intelligence (AI) and deep learning (DL) approaches, the security and robustness of the deployed algorithms need to be guaranteed. The security susceptibility of the DL algorithms to adversarial examples has been widely acknowledged. The artificially created examples will lead to different instances negatively identified by the DL models that are humanly considered benign. Practical application in actual physical scenarios with adversarial threats shows their features. Thus, adversarial attacks and defense, including machine learning and its reliability, have drawn growing interest and, in recent years, has been a hot topic of research. We introduce a framework that provides a defensive model against the adversarial speckle-noise attack, the adversarial training, and a feature fusion strategy, which preserves the classification with correct labelling. We evaluate and analyze the adversarial attacks and defenses on the retinal fundus images for the Diabetic Retinopathy recognition problem, which is considered a state-of-the-art endeavor. Results obtained on the retinal fundus images, which are prone to adversarial attacks, are 99% accurate and prove that the proposed defensive model is robust. MDPI 2021-06-07 /pmc/articles/PMC8201392/ /pubmed/34200216 http://dx.doi.org/10.3390/s21113922 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Lal, Sheeba Rehman, Saeed Ur Shah, Jamal Hussain Meraj, Talha Rauf, Hafiz Tayyab Damaševičius, Robertas Mohammed, Mazin Abed Abdulkareem, Karrar Hameed Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition |
title | Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition |
title_full | Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition |
title_fullStr | Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition |
title_full_unstemmed | Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition |
title_short | Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition |
title_sort | adversarial attack and defence through adversarial training and feature fusion for diabetic retinopathy recognition |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8201392/ https://www.ncbi.nlm.nih.gov/pubmed/34200216 http://dx.doi.org/10.3390/s21113922 |
work_keys_str_mv | AT lalsheeba adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition AT rehmansaeedur adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition AT shahjamalhussain adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition AT merajtalha adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition AT raufhafiztayyab adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition AT damaseviciusrobertas adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition AT mohammedmazinabed adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition AT abdulkareemkarrarhameed adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition |