. 2021 Jun 7;21(11):3922.

doi: 10.3390/s21113922.

Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition

Sheeba Lal¹, Saeed Ur Rehman¹, Jamal Hussain Shah¹, Talha Meraj¹, Hafiz Tayyab Rauf², Robertas Damaševičius³, Mazin Abed Mohammed⁴, Karrar Hameed Abdulkareem⁵

Affiliations

¹ Department of Computer Science, COMSATS University Islamabad, Wah Campus, Wah Cantt 47040, Pakistan.
² Department of Computer Science, Faculty of Engineering & Informatics, University of Bradford, Bradford BD7 1DP, UK.
³ Faculty of Applied Mathematics, Silesian University of Technology, 44-100 Gliwice, Poland.
⁴ College of Computer Science and Information Technology, University of Anbar, Anbar 31001, Iraq.
⁵ College of Agriculture, Al-Muthanna University, Samawah 66001, Iraq.

PMID: 34200216
PMCID: PMC8201392
DOI: 10.3390/s21113922

Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition

Sheeba Lal et al. Sensors (Basel). 2021.

. 2021 Jun 7;21(11):3922.

doi: 10.3390/s21113922.

Authors

Sheeba Lal¹, Saeed Ur Rehman¹, Jamal Hussain Shah¹, Talha Meraj¹, Hafiz Tayyab Rauf², Robertas Damaševičius³, Mazin Abed Mohammed⁴, Karrar Hameed Abdulkareem⁵

Affiliations

¹ Department of Computer Science, COMSATS University Islamabad, Wah Campus, Wah Cantt 47040, Pakistan.
² Department of Computer Science, Faculty of Engineering & Informatics, University of Bradford, Bradford BD7 1DP, UK.
³ Faculty of Applied Mathematics, Silesian University of Technology, 44-100 Gliwice, Poland.
⁴ College of Computer Science and Information Technology, University of Anbar, Anbar 31001, Iraq.
⁵ College of Agriculture, Al-Muthanna University, Samawah 66001, Iraq.

PMID: 34200216
PMCID: PMC8201392
DOI: 10.3390/s21113922

Abstract

Due to the rapid growth in artificial intelligence (AI) and deep learning (DL) approaches, the security and robustness of the deployed algorithms need to be guaranteed. The security susceptibility of the DL algorithms to adversarial examples has been widely acknowledged. The artificially created examples will lead to different instances negatively identified by the DL models that are humanly considered benign. Practical application in actual physical scenarios with adversarial threats shows their features. Thus, adversarial attacks and defense, including machine learning and its reliability, have drawn growing interest and, in recent years, has been a hot topic of research. We introduce a framework that provides a defensive model against the adversarial speckle-noise attack, the adversarial training, and a feature fusion strategy, which preserves the classification with correct labelling. We evaluate and analyze the adversarial attacks and defenses on the retinal fundus images for the Diabetic Retinopathy recognition problem, which is considered a state-of-the-art endeavor. Results obtained on the retinal fundus images, which are prone to adversarial attacks, are 99% accurate and prove that the proposed defensive model is robust.

Keywords: adversarial attack; adversarial training; deep learning; diabetic retinopathy; feature fusion; speckle-noise attack.

PubMed Disclaimer

Conflict of interest statement

The authors declare no conflict of interest.

Figures

**Figure 1**
Block diagram of the proposed system.

**Figure 2**
Addition of FGSM Attacks. The first row shows the original images, while the second row represents the FGSM attacked images that mislead the model.

**Figure 3**
Addition of FGSM attacks. The first row shows the original images, while the second row represents the SN attacked images.

**Figure 4**
Addition of DF attacks. The first row shows the original images, while the second row indicates the DF attacked images.

**Figure 5**
Illustration of the adversarial training process.

**Figure 6**
ROC curve (**left**) and fusion scatter plot (**right**).

See this image and copyright information in PMC

Cited by

An Efficient Pareto Optimal Resource Allocation Scheme in Cognitive Radio-Based Internet of Things Networks.
Latif S, Akraam S, Karamat T, Khan MA, Altrjman C, Mey S, Nam Y. Latif S, et al. Sensors (Basel). 2022 Jan 7;22(2):451. doi: 10.3390/s22020451. Sensors (Basel). 2022. PMID: 35062409 Free PMC article.
A novel CAPTCHA solver framework using deep skipping Convolutional Neural Networks.
Lu S, Huang K, Meraj T, Rauf HT. Lu S, et al. PeerJ Comput Sci. 2022 Apr 6;8:e879. doi: 10.7717/peerj-cs.879. eCollection 2022. PeerJ Comput Sci. 2022. PMID: 35494833 Free PMC article.
AI-driven deep and handcrafted features selection approach for Covid-19 and chest related diseases identification.
Albahli S, Meraj T, Chakraborty C, Rauf HT. Albahli S, et al. Multimed Tools Appl. 2022;81(26):37569-37589. doi: 10.1007/s11042-022-13499-3. Epub 2022 Aug 3. Multimed Tools Appl. 2022. PMID: 35968412 Free PMC article.
Evaluating the Diagnostic Accuracy of a Novel Bayesian Decision-Making Algorithm for Vision Loss.
Basilious A, Govas CN, Deans AM, Yoganathan P, Deans RM. Basilious A, et al. Vision (Basel). 2022 Apr 4;6(2):21. doi: 10.3390/vision6020021. Vision (Basel). 2022. PMID: 35466273 Free PMC article.
DIAROP: Automated Deep Learning-Based Diagnostic Tool for Retinopathy of Prematurity.
Attallah O. Attallah O. Diagnostics (Basel). 2021 Nov 3;11(11):2034. doi: 10.3390/diagnostics11112034. Diagnostics (Basel). 2021. PMID: 34829380 Free PMC article.

See all "Cited by" articles

References

1. Albahli S., Rauf H.T., Arif M., Nafis M.T., Algosaibi A. Identification of Thoracic Diseases by Exploiting Deep Neural Networks. Neural Netw. 2021;5:6.
1. Albahli S., Rauf H.T., Algosaibi A., Balas V.E. AI-driven deep CNN approach for multi-label pathology classification using chest X-Rays. PeerJ Comput. Sci. 2021;7:e495. doi: 10.7717/peerj-cs.495. - DOI - PMC - PubMed
1. Abdulsahib A.A., Mahmoud M.A., Mohammed M.A., Rasheed H.H., Mostafa S.A., Maashi M.S. Comprehensive review of retinal blood vessel segmentation and classification techniques: Intelligent solutions for green computing in medical images, current challenges, open issues, and knowledge gaps in fundus medical images. Netw. Model. Anal. Health Inform. Bioinform. 2021;10:1–32.
1. Canedo D., Neves A.J.R. Facial Expression Recognition Using Computer Vision: A Systematic Review. Appl. Sci. 2019;9:4678. doi: 10.3390/app9214678. - DOI
1. Kour N., Sunanda, Arora S. Computer-vision based diagnosis of Parkinson’s disease via gait: A survey. IEEE Access. 2019;7:156620–156645. doi: 10.1109/ACCESS.2019.2949744. - DOI

MeSH terms

Actions
Actions
Actions
Actions
Actions
Actions
Actions

LinkOut - more resources

Full Text Sources
Medical
- MedlinePlus Health Information

Save citation to file

Email citation

Add to Collections

Add to My Bibliography

Your saved search

Create a file for external citation management software

Your RSS Feed

Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition

Affiliations

Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition

Authors

Affiliations

Abstract

Conflict of interest statement

Figures

Similar articles

Cited by

References

MeSH terms

LinkOut - more resources

Full Text Sources

Medical

Abstract

Conflict of interest statement

Figures

Similar articles

Cited by

References

MeSH terms

Related information

LinkOut - more resources

Full Text Sources

Medical