Çekişmeli makine öğrenmesi saldırılarının rulman arıza teşhisindeki etkileri

Year 2023, Volume: 13 Issue: 1, 210 - 220, 15.01.2023

Mustafa Şinasi Ayas , Selen Ayas

https://doi.org/10.17714/gumusfenbil.1120895

Abstract

Bilgiye dayalı arıza teşhis yöntemleri, sırasıyla model tabanlı ve sinyal tabanlı teşhis yöntemlerinde gerekli olan kesin model ve sinyal kalıplarına ihtiyaç duymadıkları için daha fazla tercih edilir hale gelmiştir. Makine öğrenimi teknikleri, ham sinyallerden sağlık durumlarına bilgileri eşleyerek arıza teşhisinde dikkate değer sonuçlar sağlamaktadır. Ancak makine öğrenimi yöntemlerinin kullanıldığı diğer endüstriyel uygulamalarda olduğu gibi kötü niyetli saldırılara karşı zafiyetleri ortaya çıkmaktadır. Bu çalışmada erişime açık CWRU rulman sağlık durumu veri kümesindeki 10 farklı sağlık durumunu içeren titreşim sinyalleri 2B görüntülere çevrilmiş ve görüntülerin sınıflandırılması için kullanılan derin artık öğrenme (DRL) ağ modeline beyaz kutu çekişmeli saldırılarından Hızlı Gradyan İşareti Yöntemi (FGSM), Temel Yinelemeli Yöntem (BIM), İzdüşürülen Gradyan İniş (PGD) ve Carlini ve Wagner (CW) saldırıları uygulanmıştır. Uygulanan çekişmeli makine öğrenmesi saldırılarının etkisini incelemek için DRL modelinin dayanıklılığı analiz edilmiştir. Elde edilen sonuçlara göre uygulanan çekişmeli saldırılar DRL modelini kandırarak yanlış sonuç üretmesine yol açmış ve rulman arıza teşhis sınıflandırma doğruluğunu düşürmüştür. 2B görüntülere oldukça küçük bir pertürbasyon eklenmesi sonucu %99.98 olan sınıflandırma doğruluğu FGSM, BIM, PGD, ve CW saldırı yöntemleri ile sırasıyla %68.38, %61.75, %61.88 ve %63.31 değerine düşmüştür. Ulaşılan sonuçlar kullanılan çekişmeli makine öğrenmesi saldırı yöntemlerinin rulman arıza teşhis sınıflandırma doğruluğunu düşürmesi için büyük potansiyele sahip olduğunu göstermektedir.

Keywords

Arıza teşhis sistemi, Çekişmeli makine öğrenmesi, Derin artık öğrenme modeli

The effects of adversarial machine learning attacks on bearing fault diagnosis

Abstract

Knowledge-based fault diagnosis methods have become more preferred as they do not need precise model and signal patterns required in model-based and signal-based diagnosis methods, respectively. Machine learning techniques provide remarkable results on fault diagnosis by mapping information from raw signals to health condition. However, their vulnerabilities against adversarial attacks arise as in the other industrial applications employing machine learning methods. In this study, the vibration signals containing 10 different health condition in the public CWRU bearing health condition dataset are converted into 2D images and Fast Gradient Sign Method (FGSM), Basic Iterative Method (BIM), Projected Gradient Descent (PGD) and Carlini and Wagner (CW) white box adversarial attacks are applied into the deep residual learning (DRL) network model which classifies the images of rolling bearing. The robustness of the DRL model is analyzed to examine the effect of the implemented adversarial machine learning attacks. According to the obtained results, the adversarial attacks fooled the DRL model, causing it to produce misclassification results and so decrease the bearing fault diagnosis classification accuracy. As a result of injecting quite small perturbation to 2D images, the classification accuracy, which was 99.98%, is decreased to 68.38%, 61.75%, 61.88% and 63.31% by FGSM, BIM, PGD and CW attack methods, respectively. The achieved results show that the adversarial machine learning attack methods have great potential to reduce the accuracy of bearing fault diagnosis classification.

Keywords

Fault diagnosis system, Adversarial machine learning, Deep residual learning model

References

• Akhtar, N., Mian, A., Kardan, N., & Shah, M. (2021). Advances in adversarial attacks and defenses in computer vision: A survey. IEEE Access, 9, 155161-155196. https://doi.org/ 10.1109/ACCESS.2021.3127960
• Anthi, E., Williams, L., Rhode, M., Burnap, P., & Wedgbury, A. (2021). Adversarial attacks on machine learning cybersecurity defences in industrial control systems. Journal of Information Security and Applications, 58, 102717. https://doi.org/10.1016/j.jisa.2020.102717
• Ayas, S., & Ayas, M. S. (2022). A novel bearing fault diagnosis method using deep residual learning network. Multimedia Tools and Applications, 81, 22407–22423. https://doi.org/10.1007/s11042-021-11617-1
• Brown, T. B., Mané, D., Roy, A., Abadi, M., & Gilmer, J. (2017). Adversarial patch. arXiv preprint arXiv:1712.09665.
• Chen, X. W., & Lin, X. (2014). Big data deep learning: challenges and perspectives. IEEE Access, 2, 514-525. https://doi.org/10.1109/ACCESS.2014.2325029
• Chen, Z., Mauricio, A., Li, W., & Gryllias, K. (2020). A deep learning method for bearing fault diagnosis based on cyclic spectral coherence and convolutional neural networks. Mechanical Systems and Signal Processing, 140, 106683. https://doi.org/10.1016/j.ymssp.2020.106683
• Demir, H. G., & Müştak, O. (2021). Rulman hasarlarının titreşim ve gürültü analizi ile tespiti. Avrupa Bilim ve Teknoloji Dergisi, 25, 571-581. https://doi.org/10.31590/ejosat.869285
• Gao, Z., Cecati, C., & Ding, S. X. (2015). A survey of fault diagnosis and fault-tolerant techniques—Part I: Fault diagnosis with model-based and signal-based approaches. IEEE Transactions on Industrial Electronics, 62(6), 3757-3767. https://doi.org/10.1109/TIE.2015.2417501
• Goodfellow, I. J., Shlens, J., & Szegedy, C. (2014). Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572.
• Guo, L., Lei, Y., Xing, S., Yan, T., & Li, N. (2018). Deep convolutional transfer learning network: A new method for intelligent fault diagnosis of machines with unlabeled data. IEEE Transactions on Industrial Electronics, 66(9), 7316-7325. https://doi.org/10.1109/TIE.2018.2877090
• Jia, F., Lei, Y., Guo, L., Lin, J., & Xing, S. (2018). A neural network constructed by deep learning technique and its application to intelligent fault diagnosis of machines. Neurocomputing, 272, 619-628. https://doi.org/10.1016/j.neucom.2017.07.032
• Khorram, A., Khalooei, M., & Rezghi, M. (2021). End-to-end CNN+LSTM deep learning approach for bearing fault diagnosis. Applied Intelligence, 51(2), 736-751. https://doi.org/10.1007/s10489-020-01859-1
• Kumar, R. S. S., Nyström, M., Lambert, J., Marshall, A., Goertzel, M., Comissoneru, A., Swann, M., & Xia, S. (2020). Adversarial machine learning-industry perspectives. IEEE Security and Privacy Workshops (SPW) (pp. 69-75), USA. https://doi.org/10.1109/SPW50608.2020.00028
• Kuppa, A., Grzonkowski, S., Asghar, M. R., & Le-Khac, N. A. (2019). Black box attacks on deep anomaly detectors. 14th International Conference on Availability, Reliability and Security (pp. 1-10), United Kingdom. https://doi.org/10.1145/3339252.3339266
• Kurakin, A., Goodfellow, I., & Bengio, S. (2016). Adversarial machine learning at scale. arXiv preprint arXiv:1611.01236.
• Kurakin, A., Goodfellow, I. J., & Bengio, S. (2018). Adversarial examples in the physical world. Roman V. Yampolskiy (Ed.), Artificial intelligence safety and security (ss. 99-112). Chapman and Hall/CRC.
• Liu, Z. H., Lu, B. L., Wei, H. L., Chen, L., Li, X. H., & Rätsch, M. (2019). Deep adversarial domain adaptation model for bearing fault diagnosis. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 51(7), 4217-4226. https://doi.org/10.1109/TSMC.2019.2932000
• Madry, A., Makelov, A., Schmidt, L., Tsipras, D., & Vladu, A. (2017). Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083.
• Moosavi-Dezfooli, S. M., Fawzi, A., & Frossard, P. (2016). Deepfool: a simple and accurate method to fool deep neural networks. IEEE Conference on Computer Vision and Pattern Recognition (pp. 2574-2582), USA.
• Park, Y. J., Fan, S. K. S., & Hsu, C. Y. (2020). A review on fault detection and process diagnostics in industrial processes. Processes, 8(9), 1123. https://doi.org/10.3390/pr8091123
• Rozsa, A., Rudd, E. M., & Boult, T. E. (2016). Adversarial diversity and hard positive generation. IEEE Conference on Computer Vision and Pattern Recognition Workshops (pp. 25-32), USA.
• Sayles, A., Hooda, A., Gupta, M., Chatterjee, R., & Fernandes, E. (2021). Invisible perturbations: physical adversarial examples exploiting the rolling shutter effect. IEEE Conference on Computer Vision and Pattern Recognition (pp. 14666-14675), USA.
• Suciu, O., Marginean, R., Kaya, Y., Daume III, H., & Dumitras, T. (2018). When does machine learning FAIL? generalized transferability for evasion and poisoning attacks. 27th USENIX Security Symposium (pp. 1299-1316), USA.
• Szegedy, C., Zaremba, W., Sutskever, I., Bruna, J., Erhan, D., Goodfellow, I., & Fergus, R. (2013). Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199.
• Vakhshiteh, F., Nickabadi, A., & Ramachandra, R. (2021). Adversarial attacks against face recognition: A comprehensive study. IEEE Access, 9, 92735-92756. https://doi.org/10.1109/ACCESS.2021.3092646
• Wen, L., Li, X., Gao, L., & Zhang, Y. (2017). A new convolutional neural network-based data-driven fault diagnosis method. IEEE Transactions on Industrial Electronics, 65(7), 5990-5998. https://doi.org/10.1109/TIE.2017.2774777
• Wen, L., Gao, L., & Li, X. (2019). A new deep transfer learning based on sparse auto-encoder for fault diagnosis. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 49(1), 136-144. https://doi.org/10.1109/TSMC.2017.2754287
• Xu, P., Kolosnjaji, B., Eckert, C., & Zarras, A. (2020). Manis: Evading malware detection system on graph structure. 35th Annual ACM Symposium on Applied Computing (pp. 1688-1695), Czech Republic.
• Xu, Y., Li, Z., Wang, S., Li, W., Sarkodie-Gyan, T., & Feng, S. (2021). A hybrid deep-learning model for fault diagnosis of rolling bearings. Measurement, 169, 108502. https://doi.org/10.1016/j.measurement.2020.108502
• Zhao, J., Yang, S., Li, Q., Liu, Y., Gu, X., & Liu, W. (2021). A new bearing fault diagnosis method based on signal-to-image mapping and convolutional neural network. Measurement, 176, 109088. https://doi.org/10.1016/j.measurement.2021.109088