-
Active Learning in Brain Tumor Segmentation with Uncertainty Sampling, Annotation Redundancy Restriction, and Data Initialization
Authors:
Daniel D Kim,
Rajat S Chandra,
Jian Peng,
**g Wu,
Xue Feng,
Michael Atalay,
Chetan Bettegowda,
Craig Jones,
Haris Sair,
Wei-hua Liao,
Chengzhang Zhu,
Beiji Zou,
Li Yang,
Anahita Fathi Kazerooni,
Ali Nabavizadeh,
Harrison X Bai,
Zhicheng Jiao
Abstract:
Deep learning models have demonstrated great potential in medical 3D imaging, but their development is limited by the expensive, large volume of annotated data required. Active learning (AL) addresses this by training a model on a subset of the most informative data samples without compromising performance. We compared different AL strategies and propose a framework that minimizes the amount of da…
▽ More
Deep learning models have demonstrated great potential in medical 3D imaging, but their development is limited by the expensive, large volume of annotated data required. Active learning (AL) addresses this by training a model on a subset of the most informative data samples without compromising performance. We compared different AL strategies and propose a framework that minimizes the amount of data needed for state-of-the-art performance. 638 multi-institutional brain tumor MRI images were used to train a 3D U-net model and compare AL strategies. We investigated uncertainty sampling, annotation redundancy restriction, and initial dataset selection techniques. Uncertainty estimation techniques including Bayesian estimation with dropout, bootstrap**, and margins sampling were compared to random query. Strategies to avoid annotation redundancy by removing similar images within the to-be-annotated subset were considered as well. We determined the minimum amount of data necessary to achieve similar performance to the model trained on the full dataset (α = 0.1). A variance-based selection strategy using radiomics to identify the initial training dataset is also proposed. Bayesian approximation with dropout at training and testing showed similar results to that of the full data model with less than 20% of the training data (p=0.293) compared to random query achieving similar performance at 56.5% of the training data (p=0.814). Annotation redundancy restriction techniques achieved state-of-the-art performance at approximately 40%-50% of the training data. Radiomics dataset initialization had higher Dice with initial dataset sizes of 20 and 80 images, but improvements were not significant. In conclusion, we investigated various AL strategies with dropout uncertainty estimation achieving state-of-the-art performance with the least annotated data.
△ Less
Submitted 4 February, 2023;
originally announced February 2023.
-
Liuer Mihou: A Practical Framework for Generating and Evaluating Grey-box Adversarial Attacks against NIDS
Authors:
Ke He,
Dan Dongseong Kim,
**g Sun,
Jeong Do Yoo,
Young Hun Lee,
Huy Kang Kim
Abstract:
Due to its high expressiveness and speed, Deep Learning (DL) has become an increasingly popular choice as the detection algorithm for Network-based Intrusion Detection Systems (NIDSes). Unfortunately, DL algorithms are vulnerable to adversarial examples that inject imperceptible modifications to the input and cause the DL algorithm to misclassify the input. Existing adversarial attacks in the NIDS…
▽ More
Due to its high expressiveness and speed, Deep Learning (DL) has become an increasingly popular choice as the detection algorithm for Network-based Intrusion Detection Systems (NIDSes). Unfortunately, DL algorithms are vulnerable to adversarial examples that inject imperceptible modifications to the input and cause the DL algorithm to misclassify the input. Existing adversarial attacks in the NIDS domain often manipulate the traffic features directly, which hold no practical significance because traffic features cannot be replayed in a real network. It remains a research challenge to generate practical and evasive adversarial attacks.
This paper presents the Liuer Mihou attack that generates practical and replayable adversarial network packets that can bypass anomaly-based NIDS deployed in the Internet of Things (IoT) networks. The core idea behind Liuer Mihou is to exploit adversarial transferability and generate adversarial packets on a surrogate NIDS constrained by predefined mutation operations to ensure practicality. We objectively analyse the evasiveness of Liuer Mihou against four ML-based algorithms (LOF, OCSVM, RRCF, and SOM) and the state-of-the-art NIDS, Kitsune. From the results of our experiment, we gain valuable insights into necessary conditions on the adversarial transferability of anomaly detection algorithms. Going beyond a theoretical setting, we replay the adversarial attack in a real IoT testbed to examine the practicality of Liuer Mihou. Furthermore, we demonstrate that existing feature-level adversarial defence cannot defend against Liuer Mihou and constructively criticise the limitations of feature-level adversarial defences.
△ Less
Submitted 12 April, 2022;
originally announced April 2022.
-
Dynamic Control of a Fiber Manufacturing Process using Deep Reinforcement Learning
Authors:
Sangwoon Kim,
David Donghyun Kim,
Brian Anthony
Abstract:
This paper presents a model-free deep reinforcement learning (DRL) approach for controlling a fiber drawing system. The custom DRL-based control system predictively regulates fiber diameter and produces a fiber with a desired, constant or non-constant, diameter trajectory, i.e. diameter variation along the fiber length. Physical models of the system are not used. The system was trained and tested…
▽ More
This paper presents a model-free deep reinforcement learning (DRL) approach for controlling a fiber drawing system. The custom DRL-based control system predictively regulates fiber diameter and produces a fiber with a desired, constant or non-constant, diameter trajectory, i.e. diameter variation along the fiber length. Physical models of the system are not used. The system was trained and tested on a compact fiber drawing system, which has non-linear delayed dynamics and stochastic behaviors. For a reference trajectory with random step changes, after 1 hour of training, the DRL controller showed the same root mean squared error (RMSE) as an optimized PI controller; after 3 hours of training, it achieved the performance of a quadratic dynamic matrix controller (QDMC). While the PI feedback controller showed 3.5 seconds of time lag in a step response, the DRL controller showed less than a second of time lag. Controller performance tests on trajectories not used in the training process are conducted; for a sine sweep reference trajectory, the DRL controller maintained an RMSE under 40 um up to a frequency of 45 mHz, compared to 25 mHz for QDMC.
△ Less
Submitted 6 January, 2021; v1 submitted 22 November, 2019;
originally announced November 2019.