In this article we demonstrate that a state-of-the-art machine learning model predicting whether a whole slide image contains mitosis can be fooled by changing just a single pixel in the input image. Computer vision and machine learning can be used to automate various tasks in cancer diagnostic and detection. If an attacker can manipulate the automated processing, the results can be devastating and in the worst case lead to wrong diagnostic and treatments. In this research one-pixel attack is demonstrated in a real-life scenario with a real tumor dataset. The results indicate that a minor one-pixel modification of a whole slide image under analysis can affect the diagnosis. The attack poses a threat from the cyber security perspective: the one-pixel method can be used as an attack vector by a motivated attacker.
翻译:在此篇文章中,我们展示了一种最先进的机器学习模型,该模型预测整个幻灯片图像中是否包含分裂症,可以通过改变输入图像中的单一像素来蒙骗。计算机视觉和机器学习可以用来使癌症诊断和检测中的各种任务自动化。如果攻击者能够操纵自动处理,结果可能是毁灭性的,在最坏的情况下会导致错误的诊断和治疗。在这项研究中,一个像素袭击在真实的肿瘤数据集现实生活中得到证明。结果显示,分析中整个幻灯片图像的微小一像素修改可以影响诊断。从网络安全角度来说,袭击构成了威胁:一个像素方法可以被动机攻击者用作攻击矢量。