Skip to content

miserrman/BEDN

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.idea
.idea
 
 
decryption_model
decryption_model
 
 
encryption_model
encryption_model
 
 
origin
origin
 
 
trigger
trigger
 
 
16to8.py
16to8.py
 
 
ImageEncrypt.py
ImageEncrypt.py
 
 
README.md
README.md
 
 
batchchange.py
batchchange.py
 
 
build_data.py
build_data.py
 
 
build_supervise_data.py
build_supervise_data.py
 
 
discriminator.py
discriminator.py
 
 
encrypt.py
encrypt.py
 
 
entropy.py
entropy.py
 
 
export_graph.py
export_graph.py
 
 
generator.py
generator.py
 
 
histogram.py
histogram.py
 
 
inference.py
inference.py
 
 
inference_test.py
inference_test.py
 
 
model.py
model.py
 
 
move.py
move.py
 
 
ops.py
ops.py
 
 
quantitative.py
quantitative.py
 
 
reader.py
reader.py
 
 
resize.py
resize.py
 
 
supervise_reader.py
supervise_reader.py
 
 
time.py
time.py
 
 
train.py
train.py
 
 
utils.py
utils.py
 
 
新建文本文档.txt
新建文本文档.txt
 
 

Repository files navigation

Backdoor Attack on Deep Learning-based Medical Image Encryption and Decryption Network

Overview

Since many medical images contain sensitive information, it is necessary to encrypt these medical images before storing and further analyzing them. Some researches proposed to utilize deep learning based methods for medical image encryption and decryption, which can provide high security for medical image protection. However, our research shows that the deep learning-based encryption models can also be threatened by adopting backdoor attacks. In this paper, a backdoor attack paradigm for encryption and decryption network is proposed and corresponding attacks are designed for encryption and decryption scenarios, respectively. For attacking the encryption model, a backdoor discriminator is adopted, which is trained randomly with the normal discriminator, to confuse the encryption process. In the decryption scenario, some parameters of the subnetwork are replaced and the subnetwork can be activated when detecting the trigger embedded into the input (encrypted image) to greatly destroy the decryption performance. Moreover, considering the model performance degradation caused by parameter replacement, the model pruning is also adopted to further strengthen the attacking performance . Furthermore, the image steganography is adopted to generate invisible triggers for each image, which can greatly improve the stealthies of backdoor attacks. To the best of our knowledge, our research on designing backdoor attacks for encryption and decryption network can serve as an attacking mode for such networks, and provides another research direction for improving the security of such models . This research is also one of the earliest works to realize the backdoor attack on the deep learning based medical encryption and decryption network to evaluate the security performance of these networks. Extensive experimental results show that the proposed method can effectively threaten the security performance both for the encryption and decryption network.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages