Cargando…

Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition

Due to the rapid growth in artificial intelligence (AI) and deep learning (DL) approaches, the security and robustness of the deployed algorithms need to be guaranteed. The security susceptibility of the DL algorithms to adversarial examples has been widely acknowledged. The artificially created exa...

Descripción completa

Detalles Bibliográficos
Autores principales: Lal, Sheeba, Rehman, Saeed Ur, Shah, Jamal Hussain, Meraj, Talha, Rauf, Hafiz Tayyab, Damaševičius, Robertas, Mohammed, Mazin Abed, Abdulkareem, Karrar Hameed
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2021
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8201392/
https://www.ncbi.nlm.nih.gov/pubmed/34200216
http://dx.doi.org/10.3390/s21113922
_version_ 1783707808405913600
author Lal, Sheeba
Rehman, Saeed Ur
Shah, Jamal Hussain
Meraj, Talha
Rauf, Hafiz Tayyab
Damaševičius, Robertas
Mohammed, Mazin Abed
Abdulkareem, Karrar Hameed
author_facet Lal, Sheeba
Rehman, Saeed Ur
Shah, Jamal Hussain
Meraj, Talha
Rauf, Hafiz Tayyab
Damaševičius, Robertas
Mohammed, Mazin Abed
Abdulkareem, Karrar Hameed
author_sort Lal, Sheeba
collection PubMed
description Due to the rapid growth in artificial intelligence (AI) and deep learning (DL) approaches, the security and robustness of the deployed algorithms need to be guaranteed. The security susceptibility of the DL algorithms to adversarial examples has been widely acknowledged. The artificially created examples will lead to different instances negatively identified by the DL models that are humanly considered benign. Practical application in actual physical scenarios with adversarial threats shows their features. Thus, adversarial attacks and defense, including machine learning and its reliability, have drawn growing interest and, in recent years, has been a hot topic of research. We introduce a framework that provides a defensive model against the adversarial speckle-noise attack, the adversarial training, and a feature fusion strategy, which preserves the classification with correct labelling. We evaluate and analyze the adversarial attacks and defenses on the retinal fundus images for the Diabetic Retinopathy recognition problem, which is considered a state-of-the-art endeavor. Results obtained on the retinal fundus images, which are prone to adversarial attacks, are 99% accurate and prove that the proposed defensive model is robust.
format Online
Article
Text
id pubmed-8201392
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-82013922021-06-15 Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition Lal, Sheeba Rehman, Saeed Ur Shah, Jamal Hussain Meraj, Talha Rauf, Hafiz Tayyab Damaševičius, Robertas Mohammed, Mazin Abed Abdulkareem, Karrar Hameed Sensors (Basel) Article Due to the rapid growth in artificial intelligence (AI) and deep learning (DL) approaches, the security and robustness of the deployed algorithms need to be guaranteed. The security susceptibility of the DL algorithms to adversarial examples has been widely acknowledged. The artificially created examples will lead to different instances negatively identified by the DL models that are humanly considered benign. Practical application in actual physical scenarios with adversarial threats shows their features. Thus, adversarial attacks and defense, including machine learning and its reliability, have drawn growing interest and, in recent years, has been a hot topic of research. We introduce a framework that provides a defensive model against the adversarial speckle-noise attack, the adversarial training, and a feature fusion strategy, which preserves the classification with correct labelling. We evaluate and analyze the adversarial attacks and defenses on the retinal fundus images for the Diabetic Retinopathy recognition problem, which is considered a state-of-the-art endeavor. Results obtained on the retinal fundus images, which are prone to adversarial attacks, are 99% accurate and prove that the proposed defensive model is robust. MDPI 2021-06-07 /pmc/articles/PMC8201392/ /pubmed/34200216 http://dx.doi.org/10.3390/s21113922 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Lal, Sheeba
Rehman, Saeed Ur
Shah, Jamal Hussain
Meraj, Talha
Rauf, Hafiz Tayyab
Damaševičius, Robertas
Mohammed, Mazin Abed
Abdulkareem, Karrar Hameed
Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition
title Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition
title_full Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition
title_fullStr Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition
title_full_unstemmed Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition
title_short Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition
title_sort adversarial attack and defence through adversarial training and feature fusion for diabetic retinopathy recognition
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8201392/
https://www.ncbi.nlm.nih.gov/pubmed/34200216
http://dx.doi.org/10.3390/s21113922
work_keys_str_mv AT lalsheeba adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition
AT rehmansaeedur adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition
AT shahjamalhussain adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition
AT merajtalha adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition
AT raufhafiztayyab adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition
AT damaseviciusrobertas adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition
AT mohammedmazinabed adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition
AT abdulkareemkarrarhameed adversarialattackanddefencethroughadversarialtrainingandfeaturefusionfordiabeticretinopathyrecognition