Table 15 Model robustness against adversarial attacks.

| Attack type | Original detection rate | Enhanced model detection rate | Baseline model detection rate |
|---|---|---|---|
| Data poisoning (5%) | 93.8% | 92.6% | 79.3% |
| Adversarial sample perturbation | 93.8% | 91.2% | 68.4% |
| Model inversion attack | 93.8% | 90.8% | 72.1% |