Is Mamba Reliable for Medical Imaging?
Banafsheh Saber Latibari, Najmeh Nazari, Daniel Brignac, Hossein Sayadi, Houman Homayoun, Abhijit Mahalanobis
TL;DR
This paper assesses the robustness of the Mamba state-space model for medical imaging against various adversarial and corruption attacks, highlighting vulnerabilities and the need for defenses.
Contribution
It provides a comprehensive evaluation of Mamba's robustness under realistic threat models, which was previously underexplored.
Findings
Mamba is vulnerable to input-level adversarial attacks.
Corruption and fault injections significantly reduce accuracy.
Defenses are necessary for reliable deployment.
Abstract
State-space models like Mamba offer linear-time sequence processing and low memory, making them attractive for medical imaging. However, their robustness under realistic software and hardware threat models remains underexplored. This paper evaluates Mamba on multiple MedM-NIST classification benchmarks under input-level attacks, including white-box adversarial perturbations (FGSM/PGD), occlusion-based PatchDrop, and common acquisition corruptions (Gaussian noise and defocus blur) as well as hardware-inspired fault attacks emulated in software via targeted and random bit-flip injections into weights and activations. We profile vulnerabilities and quantify impacts on accuracy indicating that defenses are needed for deployment.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Cryptographic Implementations and Security · Security and Verification in Computing