Gradient-based enhancement attacks in biomedical machine learning
The prevalence of machine learning in biomedical research is rapidly growing, yet the trustworthiness of such research is often overlooked. While some previous works have investigated the ability of adversarial attacks to degrade model performance in medical imaging, the ability to falsely improve p...
Main authors: Rosenblatt, Matthew; Dadashkarimi, Javid; Scheinost, Dustin
Format: Online Article Text
Language: English
Published: Cornell University, 2023
Online access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9882585/ https://www.ncbi.nlm.nih.gov/pubmed/36713237
_version_ | 1784879322117439488 |
author | Rosenblatt, Matthew; Dadashkarimi, Javid; Scheinost, Dustin |
author_facet | Rosenblatt, Matthew; Dadashkarimi, Javid; Scheinost, Dustin |
author_sort | Rosenblatt, Matthew |
collection | PubMed |
description | The prevalence of machine learning in biomedical research is rapidly growing, yet the trustworthiness of such research is often overlooked. While some previous works have investigated the ability of adversarial attacks to degrade model performance in medical imaging, the ability to falsely improve performance via recently-developed “enhancement attacks” may be a greater threat to biomedical machine learning. In the spirit of developing attacks to better understand trustworthiness, we developed two techniques to drastically enhance prediction performance of classifiers with minimal changes to features: 1) general enhancement of prediction performance, and 2) enhancement of a particular method over another. Our enhancement framework falsely improved classifiers’ accuracy from 50% to almost 100% while maintaining high feature similarities between original and enhanced data (Pearson’s r′s > 0.99). Similarly, the method-specific enhancement framework was effective in falsely improving the performance of one method over another. For example, a simple neural network outperformed logistic regression by 17% on our enhanced dataset, although no performance differences were present in the original dataset. Crucially, the original and enhanced data were still similar (r = 0.99). Our results demonstrate the feasibility of minor data manipulations to achieve any desired prediction performance, which presents an interesting ethical challenge for the future of biomedical machine learning. These findings emphasize the need for more robust data provenance tracking and other precautionary measures to ensure the integrity of biomedical machine learning research. Code is available at https://github.com/mattrosenblatt7/enhancement_EPIMI. |
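The core idea in the abstract — nudging each sample a small distance along the input-space gradient so that a label-consistent signal is injected while the features stay nearly identical — can be illustrated with a minimal toy sketch. This is not the authors' implementation (their code is at the linked GitHub repository); the dataset size, step size `eps`, the surrogate logistic model, and the one-step FGSM-style update are all illustrative assumptions. On random, signal-free data it drives held-out accuracy from chance toward high values while the enhanced features remain highly correlated (Pearson's r) with the originals:

```python
import numpy as np

rng = np.random.default_rng(0)
n, d = 1200, 400
X = rng.standard_normal((n, d))   # features carry no real class signal
y = rng.integers(0, 2, n)         # random binary labels -> ~50% accuracy

def train_logreg(X, y, lr=0.1, steps=300):
    """Plain full-batch gradient descent on the logistic loss."""
    w, b = np.zeros(X.shape[1]), 0.0
    for _ in range(steps):
        p = 1.0 / (1.0 + np.exp(-(X @ w + b)))
        err = p - y
        w -= lr * X.T @ err / len(y)
        b -= lr * err.mean()
    return w, b

def acc(X, y, w, b):
    return float(np.mean((X @ w + b > 0) == y))

# 1) fit a surrogate model on the unmodified dataset
w_s, b_s = train_logreg(X, y)

# 2) take one small FGSM-style step on every sample *toward its own label*:
#    for logistic loss, the sign of the negative input gradient is
#    (2y - 1) * sign(w), so eps controls how much consistent signal is injected
eps = 0.1
X_enh = X + eps * (2 * y - 1)[:, None] * np.sign(w_s)[None, :]

# evaluate both versions of the data with a held-out split
tr, te = slice(0, 800), slice(800, None)
acc_orig = acc(X[te], y[te], *train_logreg(X[tr], y[tr]))
acc_enh = acc(X_enh[te], y[te], *train_logreg(X_enh[tr], y[tr]))
r = np.corrcoef(X.ravel(), X_enh.ravel())[0, 1]
print(f"original: {acc_orig:.2f}  enhanced: {acc_enh:.2f}  r = {r:.3f}")
```

Because the per-feature perturbation (±`eps`) is tiny relative to the feature variance, the original and enhanced matrices remain almost perfectly correlated, mirroring the paper's observation that near-arbitrary performance can be manufactured with changes that simple similarity checks would miss.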
format | Online Article Text |
id | pubmed-9882585 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2023 |
publisher | Cornell University |
record_format | MEDLINE/PubMed |
spelling | pubmed-98825852023-01-28 Gradient-based enhancement attacks in biomedical machine learning Rosenblatt, Matthew Dadashkarimi, Javid Scheinost, Dustin ArXiv Article
Cornell University 2023-08-16 /pmc/articles/PMC9882585/ /pubmed/36713237 Text en https://creativecommons.org/licenses/by/4.0/ This work is licensed under a Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/), which allows reusers to distribute, remix, adapt, and build upon the material in any medium or format, so long as attribution is given to the creator. The license allows for commercial use. |
spellingShingle | Article Rosenblatt, Matthew; Dadashkarimi, Javid; Scheinost, Dustin Gradient-based enhancement attacks in biomedical machine learning |
title | Gradient-based enhancement attacks in biomedical machine learning |
title_full | Gradient-based enhancement attacks in biomedical machine learning |
title_fullStr | Gradient-based enhancement attacks in biomedical machine learning |
title_full_unstemmed | Gradient-based enhancement attacks in biomedical machine learning |
title_short | Gradient-based enhancement attacks in biomedical machine learning |
title_sort | gradient-based enhancement attacks in biomedical machine learning |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9882585/ https://www.ncbi.nlm.nih.gov/pubmed/36713237 |
work_keys_str_mv | AT rosenblattmatthew gradientbasedenhancementattacksinbiomedicalmachinelearning AT dadashkarimijavid gradientbasedenhancementattacksinbiomedicalmachinelearning AT scheinostdustin gradientbasedenhancementattacksinbiomedicalmachinelearning |