Securing the Diagnosis of Medical Imaging: An In-depth Analysis of AI-Resistant Attacks

TL;DR

This paper reviews recent adversarial attack strategies on medical imaging DNNs, emphasizing the importance of robustness in AI systems used for critical healthcare diagnoses and discussing potential countermeasures.

Contribution

It provides a comprehensive analysis of current adversarial attack methods and detection techniques in medical imaging AI, highlighting challenges and future directions for enhancing robustness.

Findings

Adversarial attacks pose significant risks to medical imaging AI systems.

Current detection methods have limitations in real-world scenarios.

Enhancing neural network robustness is crucial for safe medical diagnosis.

Abstract

Machine learning (ML) is a rapidly developing area of medicine that uses significant resources to apply computer science and statistics to medical issues. ML's proponents laud its capacity to handle vast, complicated, and erratic medical data. It's common knowledge that attackers might cause misclassification by deliberately creating inputs for machine learning classifiers. Research on adversarial examples has been extensively conducted in the field of computer vision applications. Healthcare systems are thought to be highly difficult because of the security and life-or-death considerations they include, and performance accuracy is very important. Recent arguments have suggested that adversarial attacks could be made against medical image analysis (MedIA) technologies because of the accompanying technology infrastructure and powerful financial incentives. Since the diagnosis will be the basis for important decisions, it is essential to assess how strong medical DNN tasks are against adversarial attacks. Simple adversarial attacks have been taken into account in several earlier studies. However, DNNs are susceptible to more risky and realistic attacks. The present paper covers recent proposed adversarial attack strategies against DNNs for medical imaging as well as countermeasures. In this study, we review current techniques for adversarial imaging attacks, detections. It also encompasses various facets of these techniques and offers suggestions for the robustness of neural networks to be improved in the future.