Adversarial attacks and adversarial robustness in computational pathology
Artificial Intelligence (AI) can support diagnostic workflows in oncology by aiding diagnosis and providing biomarkers directly from routine pathology slides. However, AI applications are vulnerable to adversarial attacks. Hence, it is essential to quantify and mitigate this risk before widespread c...
Gespeichert in:
| Hauptverfasser: | , , , , , , , , , , |
|---|---|
| Dokumenttyp: | Article (Journal) |
| Sprache: | Englisch |
| Veröffentlicht: |
29 September 2022
|
| In: |
Nature Communications
Year: 2022, Jahrgang: 13, Pages: 1-10 |
| ISSN: | 2041-1723 |
| DOI: | 10.1038/s41467-022-33266-0 |
| Online-Zugang: | Verlag, lizenzpflichtig, Volltext: https://doi.org/10.1038/s41467-022-33266-0 Verlag, lizenzpflichtig, Volltext: https://www.nature.com/articles/s41467-022-33266-0 
|
| Verfasserangaben: | Narmin Ghaffari Laleh, Daniel Truhn, Gregory Patrick Veldhuizen, Tianyu Han, Marko van Treeck, Roman D. Buelow, Rupert Langer, Bastian Dislich, Peter Boor, Volkmar Schulz & Jakob Nikolas Kather |
MARC
| LEADER | 00000caa a2200000 c 4500 | ||
|---|---|---|---|
| 001 | 1831342057 | ||
| 003 | DE-627 | ||
| 005 | 20250111010220.0 | ||
| 007 | cr uuu---uuuuu | ||
| 008 | 230118s2022 xx |||||o 00| ||eng c | ||
| 024 | 7 | |a 10.1038/s41467-022-33266-0 |2 doi | |
| 035 | |a (DE-627)1831342057 | ||
| 035 | |a (DE-599)KXP1831342057 | ||
| 035 | |a (OCoLC)1389536381 | ||
| 040 | |a DE-627 |b ger |c DE-627 |e rda | ||
| 041 | |a eng | ||
| 084 | |a 33 |2 sdnb | ||
| 100 | 1 | |a Ghaffari Laleh, Narmin |e VerfasserIn |0 (DE-588)1278479465 |0 (DE-627)1831343088 |4 aut | |
| 245 | 1 | 0 | |a Adversarial attacks and adversarial robustness in computational pathology |c Narmin Ghaffari Laleh, Daniel Truhn, Gregory Patrick Veldhuizen, Tianyu Han, Marko van Treeck, Roman D. Buelow, Rupert Langer, Bastian Dislich, Peter Boor, Volkmar Schulz & Jakob Nikolas Kather |
| 264 | 1 | |c 29 September 2022 | |
| 300 | |b Illustrationen | ||
| 300 | |a 10 | ||
| 336 | |a Text |b txt |2 rdacontent | ||
| 337 | |a Computermedien |b c |2 rdamedia | ||
| 338 | |a Online-Ressource |b cr |2 rdacarrier | ||
| 500 | |a Gesehen am 18.01.2023 | ||
| 520 | |a Artificial Intelligence (AI) can support diagnostic workflows in oncology by aiding diagnosis and providing biomarkers directly from routine pathology slides. However, AI applications are vulnerable to adversarial attacks. Hence, it is essential to quantify and mitigate this risk before widespread clinical use. Here, we show that convolutional neural networks (CNNs) are highly susceptible to white- and black-box adversarial attacks in clinically relevant weakly-supervised classification tasks. Adversarially robust training and dual batch normalization (DBN) are possible mitigation strategies but require precise knowledge of the type of attack used in the inference. We demonstrate that vision transformers (ViTs) perform equally well compared to CNNs at baseline, but are orders of magnitude more robust to white- and black-box attacks. At a mechanistic level, we show that this is associated with a more robust latent representation of clinically relevant categories in ViTs compared to CNNs. Our results are in line with previous theoretical studies and provide empirical evidence that ViTs are robust learners in computational pathology. This implies that large-scale rollout of AI models in computational pathology should rely on ViTs rather than CNN-based classifiers to provide inherent protection against perturbation of the input data, especially adversarial attacks. | ||
| 650 | 4 | |a Cancer imaging | |
| 650 | 4 | |a Computational science | |
| 650 | 4 | |a Diagnostic markers | |
| 650 | 4 | |a Image processing | |
| 650 | 4 | |a Machine learning | |
| 700 | 1 | |a Truhn, Daniel |e VerfasserIn |4 aut | |
| 700 | 1 | |a Veldhuizen, Gregory Patrick |e VerfasserIn |4 aut | |
| 700 | 1 | |8 1\p |a Han, Tianyu |e VerfasserIn |0 (DE-588)1278510001 |0 (DE-627)1831430037 |4 aut | |
| 700 | 1 | |a van Treeck, Marko |e VerfasserIn |4 aut | |
| 700 | 1 | |a Buelow, Roman D. |e VerfasserIn |4 aut | |
| 700 | 1 | |a Langer, Rupert |e VerfasserIn |4 aut | |
| 700 | 1 | |a Dislich, Bastian |e VerfasserIn |4 aut | |
| 700 | 1 | |8 2\p |a Boor, Peter |d 1979- |e VerfasserIn |0 (DE-588)140268456 |0 (DE-627)616972016 |0 (DE-576)316172979 |4 aut | |
| 700 | 1 | |a Schulz, Volkmar |e VerfasserIn |4 aut | |
| 700 | 1 | |a Kather, Jakob Nikolas |d 1989- |e VerfasserIn |0 (DE-588)1064064914 |0 (DE-627)812897587 |0 (DE-576)423589091 |4 aut | |
| 773 | 0 | 8 | |i Enthalten in |t Nature Communications |d [London] : Springer Nature, 2010 |g 13(2022) vom: Sept., Artikel-ID 5711, Seite 1-10 |h Online-Ressource |w (DE-627)626457688 |w (DE-600)2553671-0 |w (DE-576)331555905 |x 2041-1723 |7 nnas |a Adversarial attacks and adversarial robustness in computational pathology |
| 773 | 1 | 8 | |g volume:13 |g year:2022 |g month:09 |g elocationid:5711 |g pages:1-10 |g extent:10 |a Adversarial attacks and adversarial robustness in computational pathology |
| 856 | 4 | 0 | |u https://doi.org/10.1038/s41467-022-33266-0 |x Verlag |x Resolving-System |z lizenzpflichtig |3 Volltext |
| 856 | 4 | 0 | |u https://www.nature.com/articles/s41467-022-33266-0 |x Verlag |z lizenzpflichtig |3 Volltext |
| 883 | |8 1\p |a cgwrk |d 20241001 |q DE-101 |u https://d-nb.info/provenance/plan#cgwrk | ||
| 883 | |8 2\p |a cgwrk |d 20241001 |q DE-101 |u https://d-nb.info/provenance/plan#cgwrk | ||
| 951 | |a AR | ||
| 992 | |a 20230118 | ||
| 993 | |a Article | ||
| 994 | |a 2022 | ||
| 998 | |g 1064064914 |a Kather, Jakob Nikolas |m 1064064914:Kather, Jakob Nikolas |d 910000 |d 910100 |e 910000PK1064064914 |e 910100PK1064064914 |k 0/910000/ |k 1/910000/910100/ |p 11 |y j | ||
| 999 | |a KXP-PPN1831342057 |e 4249422747 | ||
| BIB | |a Y | ||
| SER | |a journal | ||
| JSO | |a {"title":[{"title_sort":"Adversarial attacks and adversarial robustness in computational pathology","title":"Adversarial attacks and adversarial robustness in computational pathology"}],"note":["Gesehen am 18.01.2023"],"type":{"bibl":"article-journal","media":"Online-Ressource"},"language":["eng"],"relHost":[{"origin":[{"publisher":"Springer Nature ; Nature Publishing Group UK","publisherPlace":"[London] ; [London]","dateIssuedDisp":"[2010]-"}],"pubHistory":["2010-"],"language":["eng"],"type":{"bibl":"periodical","media":"Online-Ressource"},"note":["Gesehen am 13.06.24"],"id":{"zdb":["2553671-0"],"issn":["2041-1723"],"eki":["626457688"]},"title":[{"title_sort":"Nature Communications","title":"Nature Communications"}],"part":{"year":"2022","pages":"1-10","extent":"10","text":"13(2022) vom: Sept., Artikel-ID 5711, Seite 1-10","volume":"13"},"physDesc":[{"extent":"Online-Ressource"}],"recId":"626457688","disp":"Adversarial attacks and adversarial robustness in computational pathologyNature Communications"}],"person":[{"display":"Ghaffari Laleh, Narmin","family":"Ghaffari Laleh","given":"Narmin","role":"aut"},{"display":"Truhn, Daniel","given":"Daniel","role":"aut","family":"Truhn"},{"display":"Veldhuizen, Gregory Patrick","role":"aut","given":"Gregory Patrick","family":"Veldhuizen"},{"role":"aut","given":"Tianyu","family":"Han","display":"Han, Tianyu"},{"given":"Marko","role":"aut","family":"van Treeck","display":"van Treeck, Marko"},{"family":"Buelow","given":"Roman D.","role":"aut","display":"Buelow, Roman D."},{"family":"Langer","given":"Rupert","role":"aut","display":"Langer, Rupert"},{"display":"Dislich, Bastian","family":"Dislich","role":"aut","given":"Bastian"},{"display":"Boor, Peter","family":"Boor","role":"aut","given":"Peter"},{"display":"Schulz, Volkmar","family":"Schulz","role":"aut","given":"Volkmar"},{"display":"Kather, Jakob Nikolas","given":"Jakob Nikolas","role":"aut","family":"Kather"}],"origin":[{"dateIssuedKey":"2022","dateIssuedDisp":"29 September 2022"}],"recId":"1831342057","physDesc":[{"extent":"10 S.","noteIll":"Illustrationen"}],"id":{"doi":["10.1038/s41467-022-33266-0"],"eki":["1831342057"]},"name":{"displayForm":["Narmin Ghaffari Laleh, Daniel Truhn, Gregory Patrick Veldhuizen, Tianyu Han, Marko van Treeck, Roman D. Buelow, Rupert Langer, Bastian Dislich, Peter Boor, Volkmar Schulz & Jakob Nikolas Kather"]}} | ||
| SRT | |a GHAFFARILAADVERSARIA2920 | ||