Distance maximization and defences on deep hashing based image retrieval

Junda Lu; Yukai Miao; Mingyang Chen; Bo Huang; Bing Li; Wei Wang; Dinusha Vatsalan; Mohamed Ali Kaafar

doi:10.1109/ICKG59574.2023.00027

Distance maximization and defences on deep hashing based image retrieval

Junda Lu, Yukai Miao, Mingyang Chen, Bo Huang, Bing Li, Wei Wang, Dinusha Vatsalan, Mohamed Ali Kaafar

School of Computing

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

Abstract

Though being remarkably efficient in computation and storage, recent research demonstrates deep hashing based image retrieval models are also vulnerable to adversarial attacks. A substantial amount of defence techniques against adversarial attacks have been developed recently, the overwhelming majority focus on adversarial training. However, adversarial defence focusing on the data side, i.e., cluster-contrasting, still remains a paucity. Albeit a pioneer work makes attempt to maximise the average distances of image clusters by anchoring predefined hash centers, it is still insufficient for a robust defence due to no optimal guarantee and over-sticking to the global average distance. Further, the laser-focus of either adversarial training or cluster contrasting of existing methods hinder them from further robustness boosting by judiciously incorporating them together. In this paper, we propose a novel distance maximization algorithm for defence on deep hashing based image retrieval systems. The model finds the optimal maximum average distance between cluster centers, and then uses a heuristic method to increase the minimum distance in the worst-case by solving a maximum Boolean satisfiability (max-SAT) problem. Our proposed distance maximization algorithm is a boosting algorithm that can be incorporated into adversarial training to enhance or boost the robustness of retrieval systems. Experiments conducted on two datasets demonstrate that our algorithm can generate clusters with a maximised average distance, while the minimum distance is also increased by up to 33% over the state-of-the-art method, and robustness is improved by up to 23 %.

Original language	English
Title of host publication	IEEE International Conference on Knowledge Graph ICKG 2023
Subtitle of host publication	proceedings
Editors	Victor S. Sheng, Chindo Hicks, Charles Ling, Vijay Raghavan, Xindong Wu
Place of Publication	Piscataway, NJ
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	176-183
Number of pages	8
ISBN (Electronic)	9798350307092
ISBN (Print)	9798350307108
DOIs	https://doi.org/10.1109/ICKG59574.2023.00027
Publication status	Published - 2023
Event	14th IEEE International Conference on Knowledge Graph, ICKG 2023 - Hybrid, Shanghai, China Duration: 1 Dec 2023 → 2 Dec 2023

Conference

Conference	14th IEEE International Conference on Knowledge Graph, ICKG 2023
Country/Territory	China
City	Hybrid, Shanghai
Period	1/12/23 → 2/12/23

Access to Document

10.1109/ICKG59574.2023.00027

Cite this

Lu, J., Miao, Y., Chen, M., Huang, B., Li, B., Wang, W., Vatsalan, D., & Kaafar, M. A. (2023). Distance maximization and defences on deep hashing based image retrieval. In V. S. Sheng, C. Hicks, C. Ling, V. Raghavan, & X. Wu (Eds.), IEEE International Conference on Knowledge Graph ICKG 2023: proceedings (pp. 176-183). Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/ICKG59574.2023.00027

Lu, Junda ; Miao, Yukai ; Chen, Mingyang et al. / Distance maximization and defences on deep hashing based image retrieval. IEEE International Conference on Knowledge Graph ICKG 2023: proceedings. editor / Victor S. Sheng ; Chindo Hicks ; Charles Ling ; Vijay Raghavan ; Xindong Wu. Piscataway, NJ : Institute of Electrical and Electronics Engineers (IEEE), 2023. pp. 176-183

@inproceedings{99f1ba2951f14a718ffa0a7409be44ec,

title = "Distance maximization and defences on deep hashing based image retrieval",

abstract = "Though being remarkably efficient in computation and storage, recent research demonstrates deep hashing based image retrieval models are also vulnerable to adversarial attacks. A substantial amount of defence techniques against adversarial attacks have been developed recently, the overwhelming majority focus on adversarial training. However, adversarial defence focusing on the data side, i.e., cluster-contrasting, still remains a paucity. Albeit a pioneer work makes attempt to maximise the average distances of image clusters by anchoring predefined hash centers, it is still insufficient for a robust defence due to no optimal guarantee and over-sticking to the global average distance. Further, the laser-focus of either adversarial training or cluster contrasting of existing methods hinder them from further robustness boosting by judiciously incorporating them together. In this paper, we propose a novel distance maximization algorithm for defence on deep hashing based image retrieval systems. The model finds the optimal maximum average distance between cluster centers, and then uses a heuristic method to increase the minimum distance in the worst-case by solving a maximum Boolean satisfiability (max-SAT) problem. Our proposed distance maximization algorithm is a boosting algorithm that can be incorporated into adversarial training to enhance or boost the robustness of retrieval systems. Experiments conducted on two datasets demonstrate that our algorithm can generate clusters with a maximised average distance, while the minimum distance is also increased by up to 33% over the state-of-the-art method, and robustness is improved by up to 23 %.",

author = "Junda Lu and Yukai Miao and Mingyang Chen and Bo Huang and Bing Li and Wei Wang and Dinusha Vatsalan and Kaafar, {Mohamed Ali}",

year = "2023",

doi = "10.1109/ICKG59574.2023.00027",

language = "English",

isbn = "9798350307108",

pages = "176--183",

editor = "Sheng, {Victor S.} and Chindo Hicks and Charles Ling and Vijay Raghavan and Xindong Wu",

booktitle = "IEEE International Conference on Knowledge Graph ICKG 2023",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

address = "United States",

note = "14th IEEE International Conference on Knowledge Graph, ICKG 2023 ; Conference date: 01-12-2023 Through 02-12-2023",

}

Lu, J, Miao, Y, Chen, M, Huang, B, Li, B, Wang, W, Vatsalan, D & Kaafar, MA 2023, Distance maximization and defences on deep hashing based image retrieval. in VS Sheng, C Hicks, C Ling, V Raghavan & X Wu (eds), IEEE International Conference on Knowledge Graph ICKG 2023: proceedings. Institute of Electrical and Electronics Engineers (IEEE), Piscataway, NJ, pp. 176-183, 14th IEEE International Conference on Knowledge Graph, ICKG 2023, Hybrid, Shanghai, China, 1/12/23. https://doi.org/10.1109/ICKG59574.2023.00027

Distance maximization and defences on deep hashing based image retrieval. / Lu, Junda; Miao, Yukai; Chen, Mingyang et al.
IEEE International Conference on Knowledge Graph ICKG 2023: proceedings. ed. / Victor S. Sheng; Chindo Hicks; Charles Ling; Vijay Raghavan; Xindong Wu. Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE), 2023. p. 176-183.

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - Distance maximization and defences on deep hashing based image retrieval

AU - Lu, Junda

AU - Miao, Yukai

AU - Chen, Mingyang

AU - Huang, Bo

AU - Li, Bing

AU - Wang, Wei

AU - Vatsalan, Dinusha

AU - Kaafar, Mohamed Ali

PY - 2023

Y1 - 2023

N2 - Though being remarkably efficient in computation and storage, recent research demonstrates deep hashing based image retrieval models are also vulnerable to adversarial attacks. A substantial amount of defence techniques against adversarial attacks have been developed recently, the overwhelming majority focus on adversarial training. However, adversarial defence focusing on the data side, i.e., cluster-contrasting, still remains a paucity. Albeit a pioneer work makes attempt to maximise the average distances of image clusters by anchoring predefined hash centers, it is still insufficient for a robust defence due to no optimal guarantee and over-sticking to the global average distance. Further, the laser-focus of either adversarial training or cluster contrasting of existing methods hinder them from further robustness boosting by judiciously incorporating them together. In this paper, we propose a novel distance maximization algorithm for defence on deep hashing based image retrieval systems. The model finds the optimal maximum average distance between cluster centers, and then uses a heuristic method to increase the minimum distance in the worst-case by solving a maximum Boolean satisfiability (max-SAT) problem. Our proposed distance maximization algorithm is a boosting algorithm that can be incorporated into adversarial training to enhance or boost the robustness of retrieval systems. Experiments conducted on two datasets demonstrate that our algorithm can generate clusters with a maximised average distance, while the minimum distance is also increased by up to 33% over the state-of-the-art method, and robustness is improved by up to 23 %.

AB - Though being remarkably efficient in computation and storage, recent research demonstrates deep hashing based image retrieval models are also vulnerable to adversarial attacks. A substantial amount of defence techniques against adversarial attacks have been developed recently, the overwhelming majority focus on adversarial training. However, adversarial defence focusing on the data side, i.e., cluster-contrasting, still remains a paucity. Albeit a pioneer work makes attempt to maximise the average distances of image clusters by anchoring predefined hash centers, it is still insufficient for a robust defence due to no optimal guarantee and over-sticking to the global average distance. Further, the laser-focus of either adversarial training or cluster contrasting of existing methods hinder them from further robustness boosting by judiciously incorporating them together. In this paper, we propose a novel distance maximization algorithm for defence on deep hashing based image retrieval systems. The model finds the optimal maximum average distance between cluster centers, and then uses a heuristic method to increase the minimum distance in the worst-case by solving a maximum Boolean satisfiability (max-SAT) problem. Our proposed distance maximization algorithm is a boosting algorithm that can be incorporated into adversarial training to enhance or boost the robustness of retrieval systems. Experiments conducted on two datasets demonstrate that our algorithm can generate clusters with a maximised average distance, while the minimum distance is also increased by up to 33% over the state-of-the-art method, and robustness is improved by up to 23 %.

UR - http://www.scopus.com/inward/record.url?scp=85186139906&partnerID=8YFLogxK

U2 - 10.1109/ICKG59574.2023.00027

DO - 10.1109/ICKG59574.2023.00027

M3 - Conference proceeding contribution

AN - SCOPUS:85186139906

SN - 9798350307108

SP - 176

EP - 183

BT - IEEE International Conference on Knowledge Graph ICKG 2023

A2 - Sheng, Victor S.

A2 - Hicks, Chindo

A2 - Ling, Charles

A2 - Raghavan, Vijay

A2 - Wu, Xindong

PB - Institute of Electrical and Electronics Engineers (IEEE)

CY - Piscataway, NJ

T2 - 14th IEEE International Conference on Knowledge Graph, ICKG 2023

Y2 - 1 December 2023 through 2 December 2023

ER -

Lu J, Miao Y, Chen M, Huang B, Li B, Wang W et al. Distance maximization and defences on deep hashing based image retrieval. In Sheng VS, Hicks C, Ling C, Raghavan V, Wu X, editors, IEEE International Conference on Knowledge Graph ICKG 2023: proceedings. Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE). 2023. p. 176-183 doi: 10.1109/ICKG59574.2023.00027

Distance maximization and defences on deep hashing based image retrieval

Abstract

Conference

Access to Document

Other files and links

Fingerprint

Cite this