MEFF – A model ensemble feature fusion approach for tackling adversarial attacks in medical imaging

MEFF – A model ensemble feature fusion approach for tackling adversarial attacks in medical imaging

Adversarial attacks pose a significant threat to deep learning models, specifically medical images, as they can mislead models into making inaccurate predictions by introducing subtle distortions to the input data that are often imperceptible to humans. Although adversarial training is a common tech...

Full description

Saved in:
Bibliographic Details
Published in:Intelligent systems with applications Vol. 22; p. 200355
Main Authors: Alzubaidi, Laith, AL–Dulaimi, Khamael, Obeed, Huda Abdul-Hussain, Saihood, Ahmed, Fadhel, Mohammed A., Jebur, Sabah Abdulazeez, Chen, Yubo, Albahri, A.S., Santamaría, Jose, Gupta, Ashish, Gu, Yuantong
Format: Journal Article
Language:English
Published: Elsevier Ltd 01-06-2024
Elsevier
Subjects:
Adversarial attacks
Deep learning
Explainability
Feature fusion
Medical imaging
Deep learning
Feature fusion
Medical imaging
Explainability
Adversarial attacks
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Adversarial attacks pose a significant threat to deep learning models, specifically medical images, as they can mislead models into making inaccurate predictions by introducing subtle distortions to the input data that are often imperceptible to humans. Although adversarial training is a common technique used to mitigate these attacks on medical images, it lacks the flexibility to address new attack methods and effectively improve feature representation. This paper introduces a novel Model Ensemble Feature Fusion (MEFF) designed to combat adversarial attacks in medical image applications. The proposed model employs feature fusion by combining features extracted from different DL models and then trains Machine Learning classifiers using the fused features. It uses a concatenation method to merge the extracted features, forming a more comprehensive representation and enhancing the model's ability to classify classes accurately. Our experimental study has performed a comprehensive evaluation of MEFF, considering several challenging scenarios, including 2D and 3D images, greyscale and colour images, binary classification, and multi-label classification. The reported results demonstrate the robustness of using MEFF against different types of adversarial attacks across six distinct medical image applications. A key advantage of MEFF is its capability to incorporate a wide range of adversarial attacks without the need to train from scratch. Therefore, it contributes to developing a more diverse and robust defence strategy. More importantly, by leveraging feature fusion and ensemble modelling, MEFF enhances the resilience of DL models in the face of adversarial attacks, paving the way for improved robustness and reliability in medical image analysis. •A novel approach to combat adversarial attacks in medical image applications.•Three types of adversarial attacks were employed in the experiments.•Six different applications were used to evaluate the proposed approach.•It achieved high performance across all applications against the three attacks.
ISSN:2667-3053
2667-3053
DOI:10.1016/j.iswa.2024.200355