Novel method aims to stop white-box, black-box attacks on AI diagnosis models

Liz Carey
Nov 16, 2023

Wednesday, November 29 | 10:20 a.m. - 10:30 a.m. | W3-SSIN06-6 | S401

Citing vulnerabilities with deep learning-based mammographic breast cancer diagnosis models, a University of Pittsburgh research team has developed and evaluated a novel technical framework that could defend against adversarial attacks on AI software.

The starting dataset for the framework consisted of 4,346 mammograms from a cohort of 1,284 women who underwent full-field digital mammography for breast cancer screening. First, the team built a diagnosis model using a VGG-16 network to classify breast cancer (366 biopsy-proven malignancies) versus normal (918 negative cases). 

Degan Hao, MS, a PhD student in the University of Pittsburgh’s Intelligent Systems Program, will share the results of a study that tested the group's adversarial training strategy. For the framework, a “regularization algorithm” was developed to facilitate learning “adversarially robust features” for classification and a label-independent data augmentation to resolve the common issue of data leakage introduced by black-box data synthesis. Five-fold cross-validation was used to compare the AUC values of the proposed adversarial training versus regular training without the novel method.

Researchers evaluated two types of adversarial attacks: white-box attack (attackers know about AI model parameters), in which adversarial data were generated by the projected gradient descent method to insert adversarial noises to mammogram images; and black-box attacks (attackers have no access to AI model parameters), in which adversarial data were generated by intentionally inserting or removing tumorous tissue in mammograms.

The breast cancer diagnosis model demonstrated an AUC of 0.668 with regular training. Under white-box attack, the model’s performance degraded to an AUC of 0.415; however, the proposed framework brings the AUC to 0.673. Likewise, black-box attack downgrades the model to an AUC of 0.461 but the defense framework brings the AUC to 0.637.

While deploying medical AI into clinical informatics workflow has risks, such as the white-box and black-box adversarial attacks described for this session, an AI defense strategy could make diagnosis models more resilient and improve patient safety, according to Hao. Drop in to learn more.

Latest in 2023 Imaging Informatics Preview
Road To Rsna
Road to RSNA 2023: Imaging Informatics Preview
November 17, 2023
AI reduced CT brain reporting time in teleradiology
November 16, 2023
FREE Webinar
Sponsored
FREE Webinar
November 1, 2024
Locally derived calibration sets prove useful for predicting AI performance
November 16, 2023
More in 2023 Imaging Informatics Preview
Road to RSNA 2023: Imaging Informatics Preview
By Liz Carey
In many respects, AI has come to dominate the field of imaging informatics research, a trend that will be evident at RSNA 2023.
November 17, 2023
Road To Rsna
AI reduced CT brain reporting time in teleradiology
By Liz Carey
An AI algorithm deployed to assist with noncontrast CT brain reports in Australia cut radiologist reporting time by up to 8.5%, according to this scientific session.
November 16, 2023
Seeking trustworthy automated detection for hip implant
By Liz Carey
A deep-learning classifier designed to create a deep-learning “trustworthiness pipeline,” in this case for a total hip arthroplasty aid in clinical settings, recognized 28 implants on plain hip radiographs, according to recent research.
November 16, 2023
Locally derived calibration sets prove useful for predicting AI performance
In this presentation, researchers will reveal how they were able to improve AI algorithm performance by utilizing local data.
November 16, 2023
Are LLMs effective without specific training?
By Liz Carey
Researchers seeking to speed up the development of large-language models (LLMs) are exploring where and how to use a training technique called zero shot, as this Wednesday session will cover.
November 16, 2023
ChatGPT-4 delivers differential diagnosis on abdominal imaging
By Liz Carey
This Tuesday afternoon session will show how ChatGPT-4 performed for producing a differential diagnosis from transcribed radiology reports of abdominal imaging exams.
November 16, 2023
NLP tool helps make radiology reports more readable
By Liz Carey
Researchers from the Yale School of Medicine have developed a patient-centric radiology literacy tool using natural language processing (NLP) technology and prompt engineering to produce radiology reports that are more readable for patients.
November 16, 2023
AI model shows promise for spotting errors in CXR reports
By Liz Carey
A deep-learning algorithm may be able to help reduce diagnostic errors in radiology, according to this presentation on Monday morning.
November 16, 2023
NLP technique eases reporting requirements
By Liz Carey
Using natural language processing (NLP) for real-world evidence gleaned from radiology reports could relieve burdens on those with reporting requirements related to postmarket safety of cancer drugs, according to a Monday morning presentation.
November 16, 2023
Macro tool tracks incidental findings for follow-up
By Liz Carey
When a large academic health system used standardized consensus-based macros to track actionable incidental findings most found the macros helpful because they saved time and ensured appropriate follow-up, according to a project to be presented Monday.
November 16, 2023
Machine-learning model prioritizes STAT imaging orders
By Liz Carey
If you have considered that a “STAT” designation on imaging orders could be overutilized, misused, or obscure the urgency of the order, you will want to hear how an automated system has been designed to prioritize some STAT orders to the top of the queue.
November 16, 2023
The cloud can enable better radiology AI integration
By Liz Carey
Adding a layer of cloud-based software may improve the integration of AI results into the PACS, radiology report, and EHR, according to a proof-of-concept study to be presented Monday.
November 16, 2023
Page 1 of 2
Next Page