Cargando…
Digital Watermarking as an Adversarial Attack on Medical Image Analysis with Deep Learning
In the past years, Deep Neural Networks (DNNs) have become popular in many disciplines such as Computer Vision (CV), and the evolution of hardware has helped researchers to develop many powerful Deep Learning (DL) models to deal with several problems. One of the most important challenges in the CV a...
| Autores principales: | , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9225333/ https://www.ncbi.nlm.nih.gov/pubmed/35735954 http://dx.doi.org/10.3390/jimaging8060155 |
| _version_ | 1784733592590483456 |
|---|---|
| author | Apostolidis, Kyriakos D. Papakostas, George A. |
| author_facet | Apostolidis, Kyriakos D. Papakostas, George A. |
| author_sort | Apostolidis, Kyriakos D. |
| collection | PubMed |
| description | In the past years, Deep Neural Networks (DNNs) have become popular in many disciplines such as Computer Vision (CV), and the evolution of hardware has helped researchers to develop many powerful Deep Learning (DL) models to deal with several problems. One of the most important challenges in the CV area is Medical Image Analysis. However, adversarial attacks have proven to be an important threat to vision systems by significantly reducing the performance of the models. This paper brings to light a different side of digital watermarking, as a potential black-box adversarial attack. In this context, apart from proposing a new category of adversarial attacks named watermarking attacks, we highlighted a significant problem, as the massive use of watermarks, for security reasons, seems to pose significant risks to vision systems. For this purpose, a moment-based local image watermarking method is implemented on three modalities, Magnetic Resonance Images (MRI), Computed Tomography (CT-scans), and X-ray images. The introduced methodology was tested on three state-of-the art CV models, DenseNet 201, DenseNet169, and MobileNetV2. The results revealed that the proposed attack achieved over 50% degradation of the model’s performance in terms of accuracy. Additionally, MobileNetV2 was the most vulnerable model and the modality with the biggest reduction was CT-scans. |
| format | Online Article Text |
| id | pubmed-9225333 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-92253332022-06-24 Digital Watermarking as an Adversarial Attack on Medical Image Analysis with Deep Learning Apostolidis, Kyriakos D. Papakostas, George A. J Imaging Article In the past years, Deep Neural Networks (DNNs) have become popular in many disciplines such as Computer Vision (CV), and the evolution of hardware has helped researchers to develop many powerful Deep Learning (DL) models to deal with several problems. One of the most important challenges in the CV area is Medical Image Analysis. However, adversarial attacks have proven to be an important threat to vision systems by significantly reducing the performance of the models. This paper brings to light a different side of digital watermarking, as a potential black-box adversarial attack. In this context, apart from proposing a new category of adversarial attacks named watermarking attacks, we highlighted a significant problem, as the massive use of watermarks, for security reasons, seems to pose significant risks to vision systems. For this purpose, a moment-based local image watermarking method is implemented on three modalities, Magnetic Resonance Images (MRI), Computed Tomography (CT-scans), and X-ray images. The introduced methodology was tested on three state-of-the art CV models, DenseNet 201, DenseNet169, and MobileNetV2. The results revealed that the proposed attack achieved over 50% degradation of the model’s performance in terms of accuracy. Additionally, MobileNetV2 was the most vulnerable model and the modality with the biggest reduction was CT-scans. MDPI 2022-05-30 /pmc/articles/PMC9225333/ /pubmed/35735954 http://dx.doi.org/10.3390/jimaging8060155 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Apostolidis, Kyriakos D. Papakostas, George A. Digital Watermarking as an Adversarial Attack on Medical Image Analysis with Deep Learning |
| title | Digital Watermarking as an Adversarial Attack on Medical Image Analysis with Deep Learning |
| title_full | Digital Watermarking as an Adversarial Attack on Medical Image Analysis with Deep Learning |
| title_fullStr | Digital Watermarking as an Adversarial Attack on Medical Image Analysis with Deep Learning |
| title_full_unstemmed | Digital Watermarking as an Adversarial Attack on Medical Image Analysis with Deep Learning |
| title_short | Digital Watermarking as an Adversarial Attack on Medical Image Analysis with Deep Learning |
| title_sort | digital watermarking as an adversarial attack on medical image analysis with deep learning |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9225333/ https://www.ncbi.nlm.nih.gov/pubmed/35735954 http://dx.doi.org/10.3390/jimaging8060155 |
| work_keys_str_mv | AT apostolidiskyriakosd digitalwatermarkingasanadversarialattackonmedicalimageanalysiswithdeeplearning AT papakostasgeorgea digitalwatermarkingasanadversarialattackonmedicalimageanalysiswithdeeplearning |