Journal article 285 views 18 downloads
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval
IEEE Transactions on Information Forensics and Security, Volume: 18, Pages: 4681 - 4694
Swansea University Author: Yuanbo Wu
-
PDF | Accepted Manuscript
© 2023 IEEE. Personal use of this material is permitted.
Download (16.99MB)
DOI (Published version): 10.1109/tifs.2023.3297791
Abstract
Deep hashing has been intensively studied and successfully applied in large-scale image retrieval systems due to its efficiency and effectiveness. Recent studies have recognized that the existence of adversarial examples poses a security threat to deep hashing models, that is, adversarial vulnerabil...
Published in: | IEEE Transactions on Information Forensics and Security |
---|---|
ISSN: | 1556-6013 1556-6021 |
Published: |
Institute of Electrical and Electronics Engineers (IEEE)
|
Online Access: |
Check full text
|
URI: | https://cronfa.swan.ac.uk/Record/cronfa64127 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
first_indexed |
2023-08-24T09:28:26Z |
---|---|
last_indexed |
2023-08-24T09:28:26Z |
id |
cronfa64127 |
recordtype |
SURis |
fullrecord |
<?xml version="1.0" encoding="utf-8"?><rfc1807 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><bib-version>v2</bib-version><id>64127</id><entry>2023-08-24</entry><title>Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval</title><swanseaauthors><author><sid>205b1ac5a767e977bebb5d6afd770784</sid><firstname>Yuanbo</firstname><surname>Wu</surname><name>Yuanbo Wu</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2023-08-24</date><deptcode>SCS</deptcode><abstract>Deep hashing has been intensively studied and successfully applied in large-scale image retrieval systems due to its efficiency and effectiveness. Recent studies have recognized that the existence of adversarial examples poses a security threat to deep hashing models, that is, adversarial vulnerability. Notably, it is challenging to efficiently distill reliable semantic representatives for deep hashing to guide adversarial learning, and thereby it hinders the enhancement of adversarial robustness of deep hashing-based retrieval models. Moreover, current researches on adversarial training for deep hashing are hard to be formalized into a unified minimax structure. In this paper, we explore Semantic-Aware Adversarial Training (SAAT) for improving the adversarial robustness of deep hashing models. Specifically, we conceive a discriminative mainstay features learning (DMFL) scheme to construct semantic representatives for guiding adversarial learning in deep hashing. Particularly, our DMFL with the strict theoretical guarantee is adaptively optimized in a discriminative learning manner, where both discriminative and semantic properties are jointly considered. Moreover, adversarial examples are fabricated by maximizing the Hamming distance between the hash codes of adversarial samples and mainstay features, the efficacy of which is validated in the adversarial attack trials. Further, we, for the first time, formulate the formalized adversarial training of deep hashing into a unified minimax optimization under the guidance of the generated mainstay codes. Extensive experiments on benchmark datasets show superb attack performance against the state-of-the-art algorithms, meanwhile, the proposed adversarial training can effectively eliminate adversarial perturbations for trustworthy deep hashing-based retrieval. Our code is available at https://github.com/xandery-geek/SAAT.</abstract><type>Journal Article</type><journal>IEEE Transactions on Information Forensics and Security</journal><volume>18</volume><journalNumber/><paginationStart>4681</paginationStart><paginationEnd>4694</paginationEnd><publisher>Institute of Electrical and Electronics Engineers (IEEE)</publisher><placeOfPublication/><isbnPrint/><isbnElectronic/><issnPrint>1556-6013</issnPrint><issnElectronic>1556-6021</issnElectronic><keywords>Adversarial attack, adversarial training, trustworthy deep hashing, similarity retrieval</keywords><publishedDay>0</publishedDay><publishedMonth>0</publishedMonth><publishedYear>0</publishedYear><publishedDate>0001-01-01</publishedDate><doi>10.1109/tifs.2023.3297791</doi><url>http://dx.doi.org/10.1109/tifs.2023.3297791</url><notes/><college>COLLEGE NANME</college><department>Computer Science</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>SCS</DepartmentCode><institution>Swansea University</institution><apcterm>Not Required</apcterm><funders/><projectreference/><lastEdited>2023-11-02T16:38:09.3464367</lastEdited><Created>2023-08-24T10:27:43.1979525</Created><path><level id="1">Faculty of Science and Engineering</level><level id="2">School of Mathematics and Computer Science - Computer Science</level></path><authors><author><firstname>Xu</firstname><surname>Yuan</surname><orcid>0000-0002-2822-9443</orcid><order>1</order></author><author><firstname>Zheng</firstname><surname>Zhang</surname><orcid>0000-0003-1470-6998</orcid><order>2</order></author><author><firstname>Xunguang</firstname><surname>Wang</surname><orcid>0000-0002-5330-2286</orcid><order>3</order></author><author><firstname>Yuanbo</firstname><surname>Wu</surname><order>4</order></author></authors><documents><document><filename>64127__28683__2efc994cbc0248839c0e762d3fbb4c9a.pdf</filename><originalFilename>64127.ACCEPTED_VERSION.pdf</originalFilename><uploaded>2023-10-03T10:55:03.3462243</uploaded><type>Output</type><contentLength>17820423</contentLength><contentType>application/pdf</contentType><version>Accepted Manuscript</version><cronfaStatus>true</cronfaStatus><documentNotes>© 2023 IEEE. Personal use of this material is permitted.</documentNotes><copyrightCorrect>true</copyrightCorrect><language>eng</language></document></documents><OutputDurs/></rfc1807> |
spelling |
v2 64127 2023-08-24 Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval 205b1ac5a767e977bebb5d6afd770784 Yuanbo Wu Yuanbo Wu true false 2023-08-24 SCS Deep hashing has been intensively studied and successfully applied in large-scale image retrieval systems due to its efficiency and effectiveness. Recent studies have recognized that the existence of adversarial examples poses a security threat to deep hashing models, that is, adversarial vulnerability. Notably, it is challenging to efficiently distill reliable semantic representatives for deep hashing to guide adversarial learning, and thereby it hinders the enhancement of adversarial robustness of deep hashing-based retrieval models. Moreover, current researches on adversarial training for deep hashing are hard to be formalized into a unified minimax structure. In this paper, we explore Semantic-Aware Adversarial Training (SAAT) for improving the adversarial robustness of deep hashing models. Specifically, we conceive a discriminative mainstay features learning (DMFL) scheme to construct semantic representatives for guiding adversarial learning in deep hashing. Particularly, our DMFL with the strict theoretical guarantee is adaptively optimized in a discriminative learning manner, where both discriminative and semantic properties are jointly considered. Moreover, adversarial examples are fabricated by maximizing the Hamming distance between the hash codes of adversarial samples and mainstay features, the efficacy of which is validated in the adversarial attack trials. Further, we, for the first time, formulate the formalized adversarial training of deep hashing into a unified minimax optimization under the guidance of the generated mainstay codes. Extensive experiments on benchmark datasets show superb attack performance against the state-of-the-art algorithms, meanwhile, the proposed adversarial training can effectively eliminate adversarial perturbations for trustworthy deep hashing-based retrieval. Our code is available at https://github.com/xandery-geek/SAAT. Journal Article IEEE Transactions on Information Forensics and Security 18 4681 4694 Institute of Electrical and Electronics Engineers (IEEE) 1556-6013 1556-6021 Adversarial attack, adversarial training, trustworthy deep hashing, similarity retrieval 0 0 0 0001-01-01 10.1109/tifs.2023.3297791 http://dx.doi.org/10.1109/tifs.2023.3297791 COLLEGE NANME Computer Science COLLEGE CODE SCS Swansea University Not Required 2023-11-02T16:38:09.3464367 2023-08-24T10:27:43.1979525 Faculty of Science and Engineering School of Mathematics and Computer Science - Computer Science Xu Yuan 0000-0002-2822-9443 1 Zheng Zhang 0000-0003-1470-6998 2 Xunguang Wang 0000-0002-5330-2286 3 Yuanbo Wu 4 64127__28683__2efc994cbc0248839c0e762d3fbb4c9a.pdf 64127.ACCEPTED_VERSION.pdf 2023-10-03T10:55:03.3462243 Output 17820423 application/pdf Accepted Manuscript true © 2023 IEEE. Personal use of this material is permitted. true eng |
title |
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval |
spellingShingle |
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval Yuanbo Wu |
title_short |
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval |
title_full |
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval |
title_fullStr |
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval |
title_full_unstemmed |
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval |
title_sort |
Semantic-Aware Adversarial Training for Reliable Deep Hashing Retrieval |
author_id_str_mv |
205b1ac5a767e977bebb5d6afd770784 |
author_id_fullname_str_mv |
205b1ac5a767e977bebb5d6afd770784_***_Yuanbo Wu |
author |
Yuanbo Wu |
author2 |
Xu Yuan Zheng Zhang Xunguang Wang Yuanbo Wu |
format |
Journal article |
container_title |
IEEE Transactions on Information Forensics and Security |
container_volume |
18 |
container_start_page |
4681 |
institution |
Swansea University |
issn |
1556-6013 1556-6021 |
doi_str_mv |
10.1109/tifs.2023.3297791 |
publisher |
Institute of Electrical and Electronics Engineers (IEEE) |
college_str |
Faculty of Science and Engineering |
hierarchytype |
|
hierarchy_top_id |
facultyofscienceandengineering |
hierarchy_top_title |
Faculty of Science and Engineering |
hierarchy_parent_id |
facultyofscienceandengineering |
hierarchy_parent_title |
Faculty of Science and Engineering |
department_str |
School of Mathematics and Computer Science - Computer Science{{{_:::_}}}Faculty of Science and Engineering{{{_:::_}}}School of Mathematics and Computer Science - Computer Science |
url |
http://dx.doi.org/10.1109/tifs.2023.3297791 |
document_store_str |
1 |
active_str |
0 |
description |
Deep hashing has been intensively studied and successfully applied in large-scale image retrieval systems due to its efficiency and effectiveness. Recent studies have recognized that the existence of adversarial examples poses a security threat to deep hashing models, that is, adversarial vulnerability. Notably, it is challenging to efficiently distill reliable semantic representatives for deep hashing to guide adversarial learning, and thereby it hinders the enhancement of adversarial robustness of deep hashing-based retrieval models. Moreover, current researches on adversarial training for deep hashing are hard to be formalized into a unified minimax structure. In this paper, we explore Semantic-Aware Adversarial Training (SAAT) for improving the adversarial robustness of deep hashing models. Specifically, we conceive a discriminative mainstay features learning (DMFL) scheme to construct semantic representatives for guiding adversarial learning in deep hashing. Particularly, our DMFL with the strict theoretical guarantee is adaptively optimized in a discriminative learning manner, where both discriminative and semantic properties are jointly considered. Moreover, adversarial examples are fabricated by maximizing the Hamming distance between the hash codes of adversarial samples and mainstay features, the efficacy of which is validated in the adversarial attack trials. Further, we, for the first time, formulate the formalized adversarial training of deep hashing into a unified minimax optimization under the guidance of the generated mainstay codes. Extensive experiments on benchmark datasets show superb attack performance against the state-of-the-art algorithms, meanwhile, the proposed adversarial training can effectively eliminate adversarial perturbations for trustworthy deep hashing-based retrieval. Our code is available at https://github.com/xandery-geek/SAAT. |
published_date |
0001-01-01T16:38:10Z |
_version_ |
1781470950527598592 |
score |
11.013082 |