Litcius/Paper detail

Adversarial Attacks for Neural Network-Based Industrial Soft Sensors: Mirror Output Attack and Translation Mirror Output Attack

Lei Chen, Qunxiong Zhu, Yan‐Lin He

2023IEEE Transactions on Industrial Informatics19 citationsDOI

Abstract

Soft sensing using the neural network technique has been increasingly applied to industrial processes. Recently, the security and robustness of neural network-based soft sensors have become primary concerns. In addition, current studies indicated that neural networks are vulnerable to adversarial attacks. In other words, small perturbations imposed on the input can lead to significant deviations in the output. If a soft sensor for key process variables is attacked, considerable damage may be brought to industrial processes. This article focuses on the attack methods for neural network-based industrial soft sensors. Considering the characteristics of industrial soft sensors, this article proposes two new adversarial attack methods. The first method, called the mirror output attack (MOA), is a subtle attack method that flips the output curve to change the direction of outputs. The second method, called the translation MOA (TMOA), is easy to make operators misoperate. TMOA translates the output curve while flipping the output curve to achieve the purpose of changing the output conditions. The effectiveness of MOA and TMOA is demonstrated in an industrial case study of the sulfur recovery unit process. Simulation results show that the neural network-based industrial soft sensors can be attacked by both the proposed adversarial attack methods. The study of adversarial attack methods can provide a basis for defending against attacks, thereby enhancing the security and robustness of soft sensors.

Topics & Concepts

Adversarial systemTranslation (biology)Computer scienceArtificial neural networkArtificial intelligenceComputer securityBiochemistryChemistryGeneMessenger RNAAdversarial Robustness in Machine LearningBacillus and Francisella bacterial researchPhysical Unclonable Functions (PUFs) and Hardware Security