Eprint first made available on ORBilu (E-prints, Working papers and Research blog)
Requirements And Threat Models of Adversarial Attacks and Robustness of Chest X-ray classification
Ghamizi, Salah; Cordy, Maxime; Papadakis, Mike et al.
2021
 

Files


Full Text
AAAI22_ADvMedical.pdf
Author preprint (455.61 kB)
Request a copy

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Chest
Abstract :
[en] Vulnerability to adversarial attacks is a well-known weakness of Deep Neural Networks. While most of the studies focus on natural images with standardized benchmarks like ImageNet and CIFAR, little research has considered real world applications, in particular in the medical domain. Our research shows that, contrary to previous claims, robustness of chest x-ray classification is much harder to evaluate and leads to very different assessments based on the dataset, the architecture and robustness metric. We argue that previous studies did not take into account the peculiarity of medical diagnosis, like the co-occurrence of diseases, the disagreement of labellers (domain experts), the threat model of the attacks and the risk implications for each successful attack. In this paper, we discuss the methodological foundations, review the pitfalls and best practices, and suggest new methodological considerations for evaluating the robustness of chest xray classification models. Our evaluation on 3 datasets, 7 models, and 18 diseases is the largest evaluation of robustness of chest x-ray classification models. We believe our findings will provide reliable guidelines for realistic evaluation and improvement of the robustness of machine learning models for medical diagnosis.
Disciplines :
Computer science
Radiology, nuclear medicine & imaging
Author, co-author :
Ghamizi, Salah ;  University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Cordy, Maxime  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SerVal
Papadakis, Mike ;  University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Le Traon, Yves ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SerVal
Language :
English
Title :
Requirements And Threat Models of Adversarial Attacks and Robustness of Chest X-ray classification
Publication date :
October 2021
Focus Area :
Systems Biomedicine
Security, Reliability and Trust
Available on ORBilu :
since 20 October 2021

Statistics


Number of views
281 (43 by Unilu)
Number of downloads
11 (10 by Unilu)

Bibliography


Similar publications



Contact ORBilu