New attacks on RNN based healthcare learning system and their detections

Abstract: Advances in machine learning (ML) in recent years have enabled a wide range of applications such as data analytics, autonomous systems, and security diagnostics. For example, recurrent neural networks (RNNs), such as long short-term memory networks (LSTMs), serve as a fundamental building block for many sequence learning tasks. Many researchers construct learning-based inference and decision-making models using primitive learning modules (PLMs) hosted on popular developer platforms, e.g., GitHub. However, most publicly available PLMs are maintained by third parties and lack proper checking to ensure they have not been maliciously modified by adversaries. In this paper, we articulate a particular threat to RNN-based ML systems by introducing a new attack, which adjusts the weights of an RNN-based model, causing it to produce wrong prediction results. Using synthetic and real-world datasets, we demonstrate that such an attack is feasible. Next, we propose a detection scheme that can be used to infer whether a particular PLM used in an RNN-based ML system contains such malicious behaviors. Experimental results show that our RNN-based attack algorithm decreases system performance when the weights of important features are modified during training. In addition, our results show that our detection mechanism is useful in identifying such malicious PLMs.
