Adversarial robust image processing in medical digital twin

IF 14.7 1区 计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE
Samaneh Shamshiri , Huaping Liu , Insoo Sohn
{"title":"Adversarial robust image processing in medical digital twin","authors":"Samaneh Shamshiri ,&nbsp;Huaping Liu ,&nbsp;Insoo Sohn","doi":"10.1016/j.inffus.2024.102728","DOIUrl":null,"url":null,"abstract":"<div><div>Recent advancements in state-of-the-art technologies, including Artificial Intelligence (AI), Internet of Things (IoT), and cloud computing, have led to the emergence of an innovative technology known as digital twins (DTs). A digital twin is a virtual replica of the physical entity, with data connections in between. This technology has proven highly effective in several industries by improving decision-making and operational efficiency. In critical areas like healthcare, digital twins are increasingly being used to address the limitations of conventional approaches by creating virtual simulations of hospitals, medical equipment, patients, or even individual organs. These medical digital twins (MDT) revolutionize the healthcare industry by offering advanced solutions to enhance treatment outcomes and overall patient care. However, these systems are challenging because of the security and critical issues involved. Therefore, despite their achievements, the numerous security threats make it crucial to address the security challenges of digital twin technology. Given the lack of research on attacks targeting MDT functionalities, we concentrated on a specific cyber threat called adversarial attacks. Adversarial attacks exploit the model’s performance by introducing small, carefully crafted perturbations to manipulate the input data. To assess the vulnerability of medical digital twins to such attacks, we carried out a proof-of-concept study. Using image processing techniques and an artificial neural network model, we created a digital twin to diagnose breast cancer through thermography images. Then, we employed this digital twin to initiate an adversarial attack. For this purpose, we inserted adversarial perturbation as input to the trained model. Our results demonstrated the vulnerability of the digital twin model to adversarial attacks. To tackle this problem, we implemented an innovative modification to the digital twin’s architecture to enhance its robustness against various attacks. We proposed a novel defense method that fuses wavelet denoising and adversarial training, substantially strengthening the model’s resilience to adversarial attacks. Furthermore, the proposed digital twin is evaluated using a dataset of diabetic foot ulcers. To the best of our knowledge, it is the first defense method that makes the medical digital twin significantly robust against adversarial attacks.</div></div>","PeriodicalId":50367,"journal":{"name":"Information Fusion","volume":"115 ","pages":"Article 102728"},"PeriodicalIF":14.7000,"publicationDate":"2024-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Fusion","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1566253524005062","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
引用次数: 0

Abstract

Recent advancements in state-of-the-art technologies, including Artificial Intelligence (AI), Internet of Things (IoT), and cloud computing, have led to the emergence of an innovative technology known as digital twins (DTs). A digital twin is a virtual replica of the physical entity, with data connections in between. This technology has proven highly effective in several industries by improving decision-making and operational efficiency. In critical areas like healthcare, digital twins are increasingly being used to address the limitations of conventional approaches by creating virtual simulations of hospitals, medical equipment, patients, or even individual organs. These medical digital twins (MDT) revolutionize the healthcare industry by offering advanced solutions to enhance treatment outcomes and overall patient care. However, these systems are challenging because of the security and critical issues involved. Therefore, despite their achievements, the numerous security threats make it crucial to address the security challenges of digital twin technology. Given the lack of research on attacks targeting MDT functionalities, we concentrated on a specific cyber threat called adversarial attacks. Adversarial attacks exploit the model’s performance by introducing small, carefully crafted perturbations to manipulate the input data. To assess the vulnerability of medical digital twins to such attacks, we carried out a proof-of-concept study. Using image processing techniques and an artificial neural network model, we created a digital twin to diagnose breast cancer through thermography images. Then, we employed this digital twin to initiate an adversarial attack. For this purpose, we inserted adversarial perturbation as input to the trained model. Our results demonstrated the vulnerability of the digital twin model to adversarial attacks. To tackle this problem, we implemented an innovative modification to the digital twin’s architecture to enhance its robustness against various attacks. We proposed a novel defense method that fuses wavelet denoising and adversarial training, substantially strengthening the model’s resilience to adversarial attacks. Furthermore, the proposed digital twin is evaluated using a dataset of diabetic foot ulcers. To the best of our knowledge, it is the first defense method that makes the medical digital twin significantly robust against adversarial attacks.
医学数字孪生中的逆向鲁棒图像处理
人工智能(AI)、物联网(IoT)和云计算等最新技术的发展,催生了一种被称为数字孪生(DTs)的创新技术。数字孪生是物理实体的虚拟复制品,中间有数据连接。事实证明,这项技术在多个行业都非常有效,能够改善决策和提高运营效率。在医疗保健等关键领域,数字孪生越来越多地被用于通过创建医院、医疗设备、病人甚至单个器官的虚拟仿真来解决传统方法的局限性。这些医疗数字孪生系统(MDT)通过提供先进的解决方案来提高治疗效果和整体患者护理水平,从而彻底改变了医疗保健行业。然而,由于涉及安全和关键问题,这些系统具有挑战性。因此,尽管数字孪生技术已经取得了一定的成就,但众多的安全威胁使得应对数字孪生技术的安全挑战变得至关重要。鉴于缺乏针对 MDT 功能攻击的研究,我们将注意力集中在一种被称为对抗性攻击的特定网络威胁上。对抗性攻击通过引入精心设计的微小扰动来操纵输入数据,从而利用模型的性能。为了评估医疗数字孪生对此类攻击的脆弱性,我们开展了一项概念验证研究。利用图像处理技术和人工神经网络模型,我们创建了一个数字孪生,通过热成像图像诊断乳腺癌。然后,我们利用这个数字孪生来发起对抗性攻击。为此,我们在训练好的模型中插入了对抗性扰动作为输入。我们的结果表明,数字孪生模型很容易受到对抗性攻击。为了解决这个问题,我们对数字孪生的架构进行了创新性修改,以增强其抵御各种攻击的能力。我们提出了一种融合了小波去噪和对抗训练的新型防御方法,大大增强了模型对对抗性攻击的抵御能力。此外,我们还利用糖尿病足溃疡数据集对所提出的数字孪生模型进行了评估。据我们所知,这是第一种能使医学数字孪生模型显著抵御对抗性攻击的防御方法。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Information Fusion
Information Fusion 工程技术-计算机:理论方法
CiteScore
33.20
自引率
4.30%
发文量
161
审稿时长
7.9 months
期刊介绍: Information Fusion serves as a central platform for showcasing advancements in multi-sensor, multi-source, multi-process information fusion, fostering collaboration among diverse disciplines driving its progress. It is the leading outlet for sharing research and development in this field, focusing on architectures, algorithms, and applications. Papers dealing with fundamental theoretical analyses as well as those demonstrating their application to real-world problems will be welcome.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信