Generalizability vs. Robustness: Adversarial Examples for Medical   Imaging

Magdalini Paschali; Sailesh Conjeti; Fernando Navarro; Nassir Navab

arXiv:1804.00504·cs.CV·April 3, 2018·37 cites

Generalizability vs. Robustness: Adversarial Examples for Medical Imaging

Magdalini Paschali, Sailesh Conjeti, Fernando Navarro, Nassir Navab

PDF

Open Access

TL;DR

This paper introduces a novel evaluation method using adversarial examples to assess the robustness of medical imaging models against noise, outliers, and ambiguous data, revealing significant differences in model perception.

Contribution

It proposes a new robustness evaluation framework for medical imaging models using adversarial examples, highlighting disparities not captured by traditional generalization metrics.

Findings

01

Models with similar generalization performance can differ greatly in robustness.

02

Adversarial evaluation uncovers vulnerabilities in state-of-the-art medical imaging models.

03

Robustness varies significantly across different architectures like Inception and UNet.

Abstract

In this paper, for the first time, we propose an evaluation method for deep learning models that assesses the performance of a model not only in an unseen test scenario, but also in extreme cases of noise, outliers and ambiguous input data. To this end, we utilize adversarial examples, images that fool machine learning models, while looking imperceptibly different from original data, as a measure to evaluate the robustness of a variety of medical imaging models. Through extensive experiments on skin lesion classification and whole brain segmentation with state-of-the-art networks such as Inception and UNet, we show that models that achieve comparable performance regarding generalizability may have significant variations in their perception of the underlying data manifold, leading to an extensive performance gap in their robustness.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAdversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications · Generative Adversarial Networks and Image Synthesis