Journal article 285 views 18 downloads
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval
IEEE Transactions on Information Forensics and Security, Volume: 18, Pages: 4681 - 4694
Swansea University Author: Yuanbo Wu
-
PDF | Accepted Manuscript
© 2023 IEEE. Personal use of this material is permitted.
Download (16.99MB)
DOI (Published version): 10.1109/tifs.2023.3297791
Abstract
Deep hashing has been intensively studied and successfully applied in large-scale image retrieval systems due to its efficiency and effectiveness. Recent studies have recognized that the existence of adversarial examples poses a security threat to deep hashing models, that is, adversarial vulnerabil...
Published in: | IEEE Transactions on Information Forensics and Security |
---|---|
ISSN: | 1556-6013 1556-6021 |
Published: |
Institute of Electrical and Electronics Engineers (IEEE)
|
Online Access: |
Check full text
|
URI: | https://cronfa.swan.ac.uk/Record/cronfa64127 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Abstract: |
Deep hashing has been intensively studied and successfully applied in large-scale image retrieval systems due to its efficiency and effectiveness. Recent studies have recognized that the existence of adversarial examples poses a security threat to deep hashing models, that is, adversarial vulnerability. Notably, it is challenging to efficiently distill reliable semantic representatives for deep hashing to guide adversarial learning, and thereby it hinders the enhancement of adversarial robustness of deep hashing-based retrieval models. Moreover, current researches on adversarial training for deep hashing are hard to be formalized into a unified minimax structure. In this paper, we explore Semantic-Aware Adversarial Training (SAAT) for improving the adversarial robustness of deep hashing models. Specifically, we conceive a discriminative mainstay features learning (DMFL) scheme to construct semantic representatives for guiding adversarial learning in deep hashing. Particularly, our DMFL with the strict theoretical guarantee is adaptively optimized in a discriminative learning manner, where both discriminative and semantic properties are jointly considered. Moreover, adversarial examples are fabricated by maximizing the Hamming distance between the hash codes of adversarial samples and mainstay features, the efficacy of which is validated in the adversarial attack trials. Further, we, for the first time, formulate the formalized adversarial training of deep hashing into a unified minimax optimization under the guidance of the generated mainstay codes. Extensive experiments on benchmark datasets show superb attack performance against the state-of-the-art algorithms, meanwhile, the proposed adversarial training can effectively eliminate adversarial perturbations for trustworthy deep hashing-based retrieval. Our code is available at https://github.com/xandery-geek/SAAT. |
---|---|
Keywords: |
Adversarial attack, adversarial training, trustworthy deep hashing, similarity retrieval |
College: |
Faculty of Science and Engineering |
Start Page: |
4681 |
End Page: |
4694 |