Black-Box Transferable Adversarial Attack Method Based on Generative Adversarial Networks for Lung Disease Diagnosis Models

被引：0

作者：

Wang X. ^{[1
,2
]}

Wang D. ^{[1
]}

Sun J. ^{[1
,2
]}

Yang Y. ^{[3
]}

机构：

[1] School of Computer Science, Xian University of Posts and Telecommunications, Xian

[2] Shaanxi Key Laboratory of Network Data Analysis and Intelligent Processing, Xian University of Posts and Telecommunications, Xian

[3] School of Automation Science and Engineering, Xian Jiaotong University, Xian

来源：

Hsi-An Chiao Tung Ta Hsueh/Journal of Xi'an Jiaotong University | 2023年 / 57卷 / 10期

关键词：

black-box adversarial attack; generative adversarial network; lung disease diagnosis model; transferability;

D O I：

10.7652/xjtuxb202310019

中图分类号：

学科分类号：

摘要：

A black-box transferable adversarial attack method based on GAN for lung disease diagnosis models was proposed to address the low success rate of attacks in black-box scenarios and low generation quality of existing adversarial attack methods. The method was built based on pulmonary medical images, with the residual neural network as the basic skeleton. In the generator, residual blocks based on dilated convolution and pyramidal segmentation attention mechanism were designed to improve the multi-scale feature representation capability of the network at finer granularity; discriminators with auxiliary classifiers were set up to correctly classify the samples, and the attackers were added to the discriminators for adversarial training to enhance the adversarial sample attack capability and stabilize the training of GAN. The data-free black-box adversarial attack framework was also used to train alternative models to achieve transferable adversarial attack and obtain a more effective and higher black-box attack success rate. The method achieved adversarial success rates of 68. 95% and 79. 34% for targeted attacks and untargeted attacks respectively. Compared with other GAN-based attack methods in black-box scenarios, it presents a higher transferability attack success rate and the generated adversarial samples are closer to the real samples, solving the problem that traditional GAN-based attack methods cannot capture the detailed features of lung images and thus cannot obtain better adversarial performance. This method provides a reference for improving the security and robustness of lung disease diagnosis models in practical application scenarios. © 2023 Xi'an Jiaotong University. All rights reserved.

引用

页码：196 / 206and220

共 25 条

[11] ZUO Long, ZHANG Peng, JING Shuxu, Et al., Dual-channel residual network for image super-resolution reconstruction, Journal of Xi' an Jiaotong University, 56, 1, pp. 158-161, (2022)
[12] TIAN Hongfcng, JI Bai, QUANWei, Et al., MPA-nct: multi-scale pyramid attention network for liver tumor segmentation, 2021 International Conference on Electronic Information Engineering and Computer Science (EIECS), pp. 658-661, (2021)
[13] WANG Xiaoyin, LU Shuo, SUNJiazc, Knowledge distillation adversarial attack method based on generative adversarial network for medical diagnosis model, Journal of Xi ' an Jiaotong University, 56, 7, pp. 76-85, (2022)
[14] WANGWcnxuan, YIN Bangjic, YAO Taiping, Delving into data: effectively substitute training for black-box attack, 2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), pp. 1759-1768, (2021)
[15] WANG Zi, Learning fast converging, effective conditional generative adversarial networks with a mirrored auxiliary classifier, 2021 IKKK Winter Conference on Applications of Computer Vision (WACV), pp. 2565-2571, (2021)
[16] LIU Yichcn, A lane line detection method based on squeeze and excitation network, 2022 International Conference on Machine Learning and Intelligent Systems Engineering (MUSE), pp. 117-121, (2022)
[17] RAHMAN T, KHANDAKAR A, QIBLAWEY Y, Exploring the effect of image enhancement techniques on COVID-19 detection using chest X-ray images, Computers in Biology and Medicine, 132, (2021)
[18] WANG Xiaosong, PENG Yifan, LU Lc, ChcstX-ray8: hospital-scale chest X-ray database and benchmarks on weakly-supervised classification and localization of common thorax diseases, 2017 IKKK Conference on Computer Vision and Pattern Recognition (CVPR), pp. 3162-3171, (2017)
[19] YANG Huan, CHEN Lili, CHENG Zhiqiang, Deep learning-based six-type classifier for lung cancer and mimics from histopathological whole slide images: a retrospective study [J], BMC Medicine, 19, 1, (2021)
[20] DEVNATH L, LUO Suhuai, SUMMONS P, Deep ensemble learning for the automatic detection of pncumoconiosis in coal worker' s chest X-ray radiography [J], Journal of Clinical Medicine, 11, 18, (2022)

← 1 2 3 →