Longitudinal Adversarial Attack on Electronic Health Records Data

An, Sungtae; Xiao, Cao; Stewart, Walter F.; Sun, Jimeng

doi:10.1145/3308558.3313528

Cited by 16 publications

(18 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Researchers are now looking for a possible solution to combine EHR with blockchain technology in the healthcare sector [15]. Data leaks and successful HIS attacks visualize the problems concerning the protection and sensitive handling of patient data, even though HIS are told to be secure [16]. Hospitals, private companies, and even international health and political organizations such as the EU discuss the benefits and possibilities of blockchain implementation for standardizing and facilitating EHR exchange.…”

Section: Introductionmentioning

confidence: 99%

A Risk Analysis on Blockchain Technology Usage for Electronic Health Records

Ploder

Bernsteiner

Weichelt³

2021

Cloud Computing and Data Science

View full text Add to dashboard Cite

Health data is one of the most valuable data and highly sensitive. Its careful handling is essential in today' s digitalized world and cloud technology use for sharing. Health Information Systems facilitate the storage and accessibility of health data for better care along the patient path. As the integration of all historical patient data, the Electronic Health Record is at the heart of health data management. The centralization of stored health data represents a single point of failure and trust, making data exchange across institutions difficult and insecure. Blockchain technology builds on consensus mechanisms and immutable chains of blocks for validating and securing data transactions as a modern decentralized approach. The application of blockchain technology for Electronic Health Records is promising but still a young concept. Due to the wide range of discussion, this paper aims at identifying risks by using blockchain technology in the eHealth sector. Based on a systematic literature review, various authors' argumentations and findings are examined and concluded to set up the empirical study. The semistructured qualitative interview study aims to find out the threats of blockchain. The paper concludes with an overall discussion and some implementation recommendations.

show abstract

Section: Introductionmentioning

confidence: 99%

A Risk Analysis on Blockchain Technology Usage for Electronic Health Records

Ploder

Bernsteiner

Weichelt³

2021

Cloud Computing and Data Science

View full text Add to dashboard Cite

show abstract

“…To illustrate, existing studies mainly explore the robustness of deep health risk prediction models by white/gray-box adversarial attacks, which assume attackers can access the parameters of health risk prediction models. For example, Sun et al [21] propose a white-box one to identify susceptible locations in clinical time series data, An et al [1] generate adversarial EHR examples in the white/gray-box setting, and Wang et al [23] test a white-box evasion attack on EHRs. However, in the real world health analytics companies train their models with their private data and release them as black-box services on the cloud.…”

Section: Introductionmentioning

confidence: 99%

“…Contributions. To sum up, our contributions are as follows: (1) To the best of our knowledge, we are the first to explore the robustness of health risk prediction models via black-box adversarial attacks. Compared with white/gray-box setting, black-box adversarial attack is more realistic, so our work can better approximate the robustness of real-world health risk prediction models.…”

Section: Introductionmentioning

confidence: 99%

“…(3) We compare MedAttacker against state-ofthe-art black-box adversarial attack methods in terms of attack success rate across three real-world healthcare datasets. Results show that MedAttacker can generate more adversarial examples on average, and even outperforms white-box model LAVA [1] in the Dementia dataset. With the experimental results, we further include a discussion on the defending against adversarial attacks for health risk prediction models.…”

Section: Introductionmentioning

confidence: 99%

“…However, adversarial attack research on EHR data is still in the early stage, and much more work is needed in designing effective adversarial attack methods in this domain, especially the black-box ones. To our knowledge, Sun et al [21] and An et al [1] are the ones who have explored the area of attacking DNNs with white/gray-box methods in the healthcare domain. [21] proposes a white-box adversarial attack method for the EHR data that are described by continues values including vital signs and lab measurements, while [1] conducts white-box and graybox adversarial attacks on the ICD-based EHR data.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

MedAttacker: Exploring Black-Box Adversarial Attacks on Risk Prediction Models in Healthcare

Ye¹,

Jian²,

Zheng³

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

Deep neural networks (DNNs) have been broadly adopted in health risk prediction to provide healthcare diagnoses and treatments. To evaluate their robustness, existing research conducts adversarial attacks in the white/gray-box setting where model parameters are accessible. However, a more realistic black-box adversarial attack is ignored even though most real-world models are trained with private data and released as black-box services on the cloud. To fill this gap, we propose the first black-box adversarial attack method against health risk prediction models named MedAttacker to investigate their vulnerability. MedAttacker addresses the challenges brought by EHR data via two steps: hierarchical position selection which selects the attacked positions in a reinforcement learning (RL) framework and substitute selection which identifies substitute with a score-based principle. Particularly, by considering the temporal context inside EHRs, it initializes its RL position selection policy by using the contribution score of each visit and the saliency score of each code, which can be well integrated with the deterministic substitute selection process decided by the score changes. In experiments, MedAttacker consistently achieves the highest average success rate and even outperforms a recent white-box EHR adversarial attack technique in certain cases when attacking three advanced health risk prediction models in the black-box setting across multiple real-world datasets. In addition, based on the experiment results we include a discussion on defending EHR adversarial attacks.

show abstract

Explainable deep learning in healthcare: A methodological survey from an attribution view

Jin

Sergeeva

Weng

et al. 2022

WIREs Mechanisms of Disease

View full text Add to dashboard Cite

The increasing availability of large collections of electronic health record (EHR) data and unprecedented technical advances in deep learning (DL) have sparked a surge of research interest in developing DL based clinical decision support systems for diagnosis, prognosis, and treatment. Despite the recognition of the value of deep learning in healthcare, impediments to further adoption in real healthcare settings remain due to the black-box nature of DL. Therefore, there is an emerging need for interpretable DL, which allows end users to evaluate the model decision making to know whether to accept or reject predictions and recommendations before an action is taken. In this review, we focus on the interpretability of the DL models in healthcare. We start by introducing the methods for interpretability in depth and comprehensively as a methodological reference for future researchers or clinical practitioners in this field. Besides the methods' details, we also include a discussion of advantages and disadvantages of these methods and which scenarios each of them is suitable for, so that interested readers can know how to compare and choose among them for use. Moreover, we discuss how these methods, originally developed for solving general-domain problems, have been adapted and applied to healthcare problems and how they can help physicians better understand these data-driven technologies. Overall, we hope this survey can help researchers and practitioners in both artificial intelligence and clinical fields understand what methods we have for enhancing the interpretability of their DL models and choose the optimal one accordingly.

show abstract

Longitudinal Adversarial Attack on Electronic Health Records Data

Cited by 16 publications

References 10 publications

A Risk Analysis on Blockchain Technology Usage for Electronic Health Records

A Risk Analysis on Blockchain Technology Usage for Electronic Health Records

MedAttacker: Exploring Black-Box Adversarial Attacks on Risk Prediction Models in Healthcare

Explainable deep learning in healthcare: A methodological survey from an attribution view

Contact Info

Product

Resources

About