Influence of Control Parameters and the Size of Biomedical Image Datasets on the Success of Adversarial Attacks
Vassili Kovalev, Dmitry Voynov

TL;DR
This study investigates how control parameters and dataset size influence the success of adversarial attacks on deep neural networks in biomedical imaging, providing valuable experimental insights for the community.
Contribution
It offers a comprehensive experimental analysis of adversarial attack success factors across various biomedical image types and dataset sizes.
Findings
Increasing perturbation amplitude raises attack success rates.
Histology images are less sensitive to perturbation amplitude.
Attack success grows with more iterations, stabilizing asymptotically.
Abstract
In this paper, we study dependence of the success rate of adversarial attacks to the Deep Neural Networks on the biomedical image type, control parameters, and image dataset size. With this work, we are going to contribute towards accumulation of experimental results on adversarial attacks for the community dealing with biomedical images. The white-box Projected Gradient Descent attacks were examined based on 8 classification tasks and 13 image datasets containing a total of 605,080 chest X-ray and 317,000 histology images of malignant tumors. We concluded that: (1) An increase of the amplitude of perturbation in generating malicious adversarial images leads to a growth of the fraction of successful attacks for the majority of image types examined in this study. (2) Histology images tend to be less sensitive to the growth of amplitude of adversarial perturbations. (3) Percentage of…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
