Attack-agnostic Adversarial Detection on Medical Data Using Explainable Machine Learning

by   Matthew Watson, et al.

Explainable machine learning has become increasingly prevalent, especially in healthcare where explainable models are vital for ethical and trusted automated decision making. Work on the susceptibility of deep learning models to adversarial attacks has shown the ease of designing samples to mislead a model into making incorrect predictions. In this work, we propose a model agnostic explainability-based method for the accurate detection of adversarial samples on two datasets with different complexity and properties: Electronic Health Record (EHR) and chest X-ray (CXR) data. On the MIMIC-III and Henan-Renmin EHR datasets, we report a detection accuracy of 77 Adversarial Attack. On the MIMIC-CXR dataset, we achieve an accuracy of 88 significantly improving on the state of the art of adversarial detection in both datasets by over 10 based method using explainability techniques to detect adversarial samples which is able to generalise to different attack methods without a need for retraining.



There are no comments yet.


page 4

page 7

page 12

page 13


Feature Importance Guided Attack: A Model Agnostic Adversarial Attack

Machine learning models are susceptible to adversarial attacks which dra...

Detecting Adversarial Samples Using Density Ratio Estimates

Machine learning models, especially based on deep architectures are used...

Brittle interpretations: The Vulnerability of TCAV and Other Concept-based Explainability Tools to Adversarial Attack

Methods for model explainability have become increasingly critical for t...

Towards Explainable Real Estate Valuation via Evolutionary Algorithms

Human lives are increasingly influenced by algorithms, which therefore n...

Explainable Empirical Risk Minimization

The widespread use of modern machine learning methods in decision making...

Explainable Machine Learning for Fraud Detection

The application of machine learning to support the processing of large d...

Mimic and Fool: A Task Agnostic Adversarial Attack

At present, adversarial attacks are designed in a task-specific fashion....
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.