Adversarial attacks and adversarial robustness in computational pathology.

Ghaffari Laleh, Narmin; Truhn, Daniel; Veldhuizen, Gregory Patrick; Han, Tianyu; van Treeck, Marko; Buelow, Roman D; Langer, Rupert; Dislich, Bastian; Boor, Peter; Schulz, Volkmar; Kather, Jakob Nikolas (2022). Adversarial attacks and adversarial robustness in computational pathology. Nature Communications, 13(1), p. 5711. Springer Nature 10.1038/s41467-022-33266-0

[img]
Preview
Text
s41467-022-33266-0.pdf - Published Version
Available under License Creative Commons: Attribution (CC-BY).

Download (3MB) | Preview

Artificial Intelligence (AI) can support diagnostic workflows in oncology by aiding diagnosis and providing biomarkers directly from routine pathology slides. However, AI applications are vulnerable to adversarial attacks. Hence, it is essential to quantify and mitigate this risk before widespread clinical use. Here, we show that convolutional neural networks (CNNs) are highly susceptible to white- and black-box adversarial attacks in clinically relevant weakly-supervised classification tasks. Adversarially robust training and dual batch normalization (DBN) are possible mitigation strategies but require precise knowledge of the type of attack used in the inference. We demonstrate that vision transformers (ViTs) perform equally well compared to CNNs at baseline, but are orders of magnitude more robust to white- and black-box attacks. At a mechanistic level, we show that this is associated with a more robust latent representation of clinically relevant categories in ViTs compared to CNNs. Our results are in line with previous theoretical studies and provide empirical evidence that ViTs are robust learners in computational pathology. This implies that large-scale rollout of AI models in computational pathology should rely on ViTs rather than CNN-based classifiers to provide inherent protection against perturbation of the input data, especially adversarial attacks.

Item Type:

Journal Article (Original Article)

Division/Institute:

04 Faculty of Medicine > Service Sector > Institute of Pathology > Clinical Pathology
04 Faculty of Medicine > Service Sector > Institute of Pathology

UniBE Contributor:

Langer, Rupert and Dislich, Bastian

Subjects:

500 Science > 570 Life sciences; biology
600 Technology > 610 Medicine & health

ISSN:

2041-1723

Publisher:

Springer Nature

Language:

English

Submitter:

Pubmed Import

Date Deposited:

03 Oct 2022 10:30

Last Modified:

05 Dec 2022 16:25

Publisher DOI:

10.1038/s41467-022-33266-0

PubMed ID:

36175413

BORIS DOI:

10.48350/173425

URI:

https://boris.unibe.ch/id/eprint/173425

Actions (login required)

Edit item Edit item
Provide Feedback