Recently deep learning has reached human-level performance in classifying arrhythmia from Electrocardiogram (ECG). However, deep neural networks (DNN) are vulnerable to adversarial attacks, which can misclassify ECG signals by decreasing the model's precision. Adversarial attacks are crafted perturbations injected in data that manifest the conventional DNN models to misclassify the correct class. Thus, safety concerns arise as it becomes challenging to establish the system's reliability, given that clinical applications require high levels of trust. To mitigate this problem and make DNN models more robust in clinical and real-life settings, we introduce a novel Conditional Generative Adversarial Network (GAN), robust against adversarial attacked ECG signals and retaining high accuracy. Furthermore, we compared it with other state-of-art models to detect cardiac abnormalities from indistinguishable adversarial attacked ECGs. The experiment confirms, our model is more robust against adversarial attacks compared to other architectures.
翻译:最近深层的学习在对心电图(ECG)的心律失常进行分类方面达到了人类层面的成绩。然而,深神经网络(DNN)很容易受到对抗性攻击,这种攻击会降低模型的精确度,从而错误地分辨ECG信号。反向攻击被注入了显示常规DNN模型的数据中,从而错误地分类正确的等级。因此,由于临床应用需要高度信任,建立系统的可靠性变得十分困难,因此出现了安全问题。为了减轻这一问题,并使DNNN模型在临床和现实生活环境中更加强大,我们引入了新型的CAN条件生成性对抗性反向网络(GAN),对攻击ECG信号的对抗性很强,并保持了很高的准确性。此外,我们将它与其他最先进的模型进行比较,以发现与不可分辨的对立性对立式攻击ECG的心脏异常性。实验证实,我们的模型比其他结构更有力地对付对抗性攻击。