@inproceedings{bd6ebb771c7b40d1a54b06aff1b171a5,
title = "MedAttacker: Exploring Black-Box Adversarial Attacks on Risk Prediction Models in Healthcare",
abstract = "Researchers have conduct adversarial attacks against deep neural networks (DNNs) for health risk prediction in the white/gray-box setting to evaluate their robustness. However, since most real-world solutions are trained by private data and released as black-box services on the cloud, we should investigate their robustness in the black-box setting. Unfortunately, existing work ignores to consider the uniqueness of electronic health records (EHRs). To fill this gap, we propose the first black-box adversarial attack method against health risk prediction models named MedAttacker to investigate their vulnerability. It addresses the challenges brought by EHRs via two steps: hierarchical position selection which selects the attacked positions in a reinforcement learning (RL) framework and substitute selection which identifies substitutes with a score-based principle. Particularly, by considering the temporal context inside EHRs, MedAttacker initializes its RL position selection policy by using the contribution score of each visit and the saliency score of each code, which can be well integrated with the deterministic substitute selection process decided by the score changes. We evaluate MedAttacker by attacking three advanced risk prediction models in the black-box setting across multiple real-world datasets, and MedAttacker consistently achieves the highest average success rate and even outperforms a recent white-box EHR adversarial attack technique in certain cases.",
author = "Muchao Ye and Junyu Luo and Guanjie Zheng and Cao Xiao and Houping Xiao and Ting Wang and Fenglong Ma",
note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 2022 IEEE International Conference on Bioinformatics and Biomedicine, BIBM 2022 ; Conference date: 06-12-2022 Through 08-12-2022",
year = "2022",
doi = "10.1109/BIBM55620.2022.9994898",
language = "English (US)",
series = "Proceedings - 2022 IEEE International Conference on Bioinformatics and Biomedicine, BIBM 2022",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "1777--1780",
editor = "Donald Adjeroh and Qi Long and Xinghua Shi and Fei Guo and Xiaohua Hu and Srinivas Aluru and Giri Narasimhan and Jianxin Wang and Mingon Kang and Mondal, {Ananda M.} and Jin Liu",
booktitle = "Proceedings - 2022 IEEE International Conference on Bioinformatics and Biomedicine, BIBM 2022",
address = "United States",
}