Robustification of Segmentation Models Against Adversarial Perturbations In Medical Imaging

TL;DR

This paper introduces a new, efficient framework to defend medical image segmentation models from adversarial attacks, utilizing frequency domain analysis and independent modules for detection and reforming.

Contribution

The proposed method is model-agnostic and attack-independent, offering a novel defense framework that improves robustness of segmentation models in medical imaging.

Findings

Outperforms existing defense methods in experiments

Effective detection of adversarial examples in medical images

Enhances segmentation accuracy under attack conditions

Abstract

This paper presents a novel yet efficient defense framework for segmentation models against adversarial attacks in medical imaging. In contrary to the defense methods against adversarial attacks for classification models which widely are investigated, such defense methods for segmentation models has been less explored. Our proposed method can be used for any deep learning models without revising the target deep learning models, as well as can be independent of adversarial attacks. Our framework consists of a frequency domain converter, a detector, and a reformer. The frequency domain converter helps the detector detects adversarial examples by using a frame domain of an image. The reformer helps target models to predict more precisely. We have experiments to empirically show that our proposed method has a better performance compared to the existing defense method.