增强工业应用中针对对抗性攻击的网络防御

2022 IEEE 5th International Conference on Image Processing Applications and Systems (IPAS) Pub Date : 2022-12-05 DOI:10.1109/IPAS55744.2022.10052858

Georgios Makridis, Spyros Theodoropoulos, Dimitrios Dardanis, I. Makridis, Maria Margarita Separdani, G. Fatouros, D. Kyriazis, Panagiotis Koulouris

{"title":"增强工业应用中针对对抗性攻击的网络防御","authors":"Georgios Makridis, Spyros Theodoropoulos, Dimitrios Dardanis, I. Makridis, Maria Margarita Separdani, G. Fatouros, D. Kyriazis, Panagiotis Koulouris","doi":"10.1109/IPAS55744.2022.10052858","DOIUrl":null,"url":null,"abstract":"In recent years there is a surge of interest in the interpretability and explainability of AI systems, which is largely motivated by the need for ensuring the transparency and accountability of Artificial Intelligence (AI) operations, as well as by the need to minimize the cost and consequences of poor decisions. Another challenge that needs to be mentioned is the Cyber security attacks against AI infrastructures in manufacturing environments. This study examines eXplainable AI (XAI)-enhanced approaches against adversarial attacks for optimizing Cyber defense methods in manufacturing image classification tasks. The examined XAI methods were applied to an image classification task providing some insightful results regarding the utility of Local Interpretable Model-agnostic Explanations (LIME), Saliency maps, and the Gradient-weighted Class Activation Mapping (Grad-Cam) as methods to fortify a dataset against gradient evasion attacks. To this end, we “attacked” the XAI-enhanced Images and used them as input to the classifier to measure their robustness of it. Given the analyzed dataset, our research indicates that LIME-masked images are more robust to adversarial attacks. We additionally propose an Encoder-Decoder schema that timely predicts (decodes) the masked images, setting the proposed approach sufficient for a real-life problem.","PeriodicalId":322228,"journal":{"name":"2022 IEEE 5th International Conference on Image Processing Applications and Systems (IPAS)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"XAI enhancing cyber defence against adversarial attacks in industrial applications\",\"authors\":\"Georgios Makridis, Spyros Theodoropoulos, Dimitrios Dardanis, I. Makridis, Maria Margarita Separdani, G. Fatouros, D. Kyriazis, Panagiotis Koulouris\",\"doi\":\"10.1109/IPAS55744.2022.10052858\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years there is a surge of interest in the interpretability and explainability of AI systems, which is largely motivated by the need for ensuring the transparency and accountability of Artificial Intelligence (AI) operations, as well as by the need to minimize the cost and consequences of poor decisions. Another challenge that needs to be mentioned is the Cyber security attacks against AI infrastructures in manufacturing environments. This study examines eXplainable AI (XAI)-enhanced approaches against adversarial attacks for optimizing Cyber defense methods in manufacturing image classification tasks. The examined XAI methods were applied to an image classification task providing some insightful results regarding the utility of Local Interpretable Model-agnostic Explanations (LIME), Saliency maps, and the Gradient-weighted Class Activation Mapping (Grad-Cam) as methods to fortify a dataset against gradient evasion attacks. To this end, we “attacked” the XAI-enhanced Images and used them as input to the classifier to measure their robustness of it. Given the analyzed dataset, our research indicates that LIME-masked images are more robust to adversarial attacks. We additionally propose an Encoder-Decoder schema that timely predicts (decodes) the masked images, setting the proposed approach sufficient for a real-life problem.\",\"PeriodicalId\":322228,\"journal\":{\"name\":\"2022 IEEE 5th International Conference on Image Processing Applications and Systems (IPAS)\",\"volume\":\"33 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 5th International Conference on Image Processing Applications and Systems (IPAS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IPAS55744.2022.10052858\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 5th International Conference on Image Processing Applications and Systems (IPAS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IPAS55744.2022.10052858","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

近年来，人们对人工智能系统的可解释性和可解释性产生了浓厚的兴趣，这主要是由于需要确保人工智能(AI)操作的透明度和问责制，以及需要将错误决策的成本和后果降至最低。另一个需要提及的挑战是制造环境中针对人工智能基础设施的网络安全攻击。本研究探讨了可解释的人工智能(XAI)增强的对抗对抗性攻击的方法，以优化制造图像分类任务中的网络防御方法。将所研究的XAI方法应用于图像分类任务，提供了一些关于局部可解释的模型不可知论解释(LIME)、显著性图和梯度加权类激活映射(gradcam)的效用的深刻结果，这些方法可以增强数据集抵御梯度逃避攻击。为此，我们“攻击”了xai增强的图像，并将它们作为分类器的输入来测量它们的鲁棒性。考虑到分析的数据集，我们的研究表明，石灰掩蔽图像对对抗性攻击更健壮。我们还提出了一个编码器-解码器模式，可以及时预测(解码)被屏蔽的图像，使所提出的方法足以解决现实问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

XAI enhancing cyber defence against adversarial attacks in industrial applications

In recent years there is a surge of interest in the interpretability and explainability of AI systems, which is largely motivated by the need for ensuring the transparency and accountability of Artificial Intelligence (AI) operations, as well as by the need to minimize the cost and consequences of poor decisions. Another challenge that needs to be mentioned is the Cyber security attacks against AI infrastructures in manufacturing environments. This study examines eXplainable AI (XAI)-enhanced approaches against adversarial attacks for optimizing Cyber defense methods in manufacturing image classification tasks. The examined XAI methods were applied to an image classification task providing some insightful results regarding the utility of Local Interpretable Model-agnostic Explanations (LIME), Saliency maps, and the Gradient-weighted Class Activation Mapping (Grad-Cam) as methods to fortify a dataset against gradient evasion attacks. To this end, we “attacked” the XAI-enhanced Images and used them as input to the classifier to measure their robustness of it. Given the analyzed dataset, our research indicates that LIME-masked images are more robust to adversarial attacks. We additionally propose an Encoder-Decoder schema that timely predicts (decodes) the masked images, setting the proposed approach sufficient for a real-life problem.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 IEEE 5th International Conference on Image Processing Applications and Systems (IPAS)

自引率

0.00%

发文量