research-article

Invisible Black-Box Backdoor Attack against Deep Cross-Modal Hashing Retrieval

Authors:
Tianshi Wang

Shandong Normal University, Jinan, China

Shandong Normal University, Jinan, China

0000-0002-8013-5188
Search about this author

,
Fengling Li

University of Technology Sydney, Broadway, Australia

University of Technology Sydney, Broadway, Australia

0009-0000-2942-4868
Search about this author

,
Lei Zhu

Shandong Normal University, Jinan, China

Shandong Normal University, Jinan, China

0000-0002-2993-7142
Search about this author

,
Jingjing Li

University of Electronic Science and Technology of China, Chengdu, China

University of Electronic Science and Technology of China, Chengdu, China

0000-0002-5504-2529
Search about this author

,
Zheng Zhang

Harbin Institute of Technology Shenzhen, Shenzhen, China

Harbin Institute of Technology Shenzhen, Shenzhen, China

0000-0003-1470-6998
Search about this author

,
Heng Tao Shen

University of Electronic Science and Technology of China, Chengdu China

University of Electronic Science and Technology of China, Chengdu China

0000-0002-2999-2088
Search about this author

Authors Info & Claims

ACM Transactions on Information Systems Volume 42 Issue 4Article No.: 111pp 1–27https://doi.org/10.1145/3650205

Published:26 April 2024Publication History

ACM Transactions on Information Systems

Abstract

Deep cross-modal hashing has promoted the field of multi-modal retrieval due to its excellent efficiency and storage, but its vulnerability to backdoor attacks is rarely studied. Notably, current deep cross-modal hashing methods inevitably require large-scale training data, resulting in poisoned samples with imperceptible triggers that can easily be camouflaged into the training data to bury backdoors in the victim model. Nevertheless, existing backdoor attacks focus on the uni-modal vision domain, while the multi-modal gap and hash quantization weaken their attack performance. In addressing the aforementioned challenges, we undertake an invisible black-box backdoor attack against deep cross-modal hashing retrieval in this article. To the best of our knowledge, this is the first attempt in this research field. Specifically, we develop a flexible trigger generator to generate the attacker’s specified triggers, which learns the sample semantics of the non-poisoned modality to bridge the cross-modal attack gap. Then, we devise an input-aware injection network, which embeds the generated triggers into benign samples in the form of sample-specific stealth and realizes cross-modal semantic interaction between triggers and poisoned samples. Owing to the knowledge-agnostic of victim models, we enable any cross-modal hashing knockoff to facilitate the black-box backdoor attack and alleviate the attack weakening of hash quantization. Moreover, we propose a confusing perturbation and mask strategy to induce the high-performance victim models to focus on imperceptible triggers in poisoned samples. Extensive experiments on benchmark datasets demonstrate that our method has a state-of-the-art attack performance against deep cross-modal hashing retrieval. Besides, we investigate the influences of transferable attacks, few-shot poisoning, multi-modal poisoning, perceptibility, and potential defenses on backdoor attacks. Our codes and datasets are available at https://github.com/tswang0116/IB3A.

REFERENCES

[1] Bai Cong, Zeng Chao, Ma Qing, Zhang Jinglin, and Chen Shengyong. 2020. Deep adversarial discrete hashing for cross-modal retrieval. In Proceedings of the International Conference on Multimedia Retrieval. 525–531.Google ScholarDigital Library
[2] Bai Jiawang, Chen Bin, Li Yiming, Wu Dongxian, Guo Weiwei, Xia Shu-tao, and Yang En-hui. 2020. Targeted attack for deep hashing based retrieval. In Proceedings of the European Conference on Computer Vision. 618–634.Google ScholarDigital Library
[3] Barni Mauro, Kallas Kassem, and Tondi Benedetta. 2019. A new backdoor attack in CNNS by training set corruption without label poisoning. In Proceedings of the IEEE International Conference on Image Processing. 101–105.Google ScholarCross Ref
[4] Barreno Marco, Nelson Blaine, Sears Russell, Joseph Anthony D., and Tygar J. Doug. 2006. Can machine learning be secure? In Proceedings of the ACM Symposium on Information, Computer and Communications Security. 16–25.Google ScholarDigital Library
[5] Bhagoji Arjun Nitin, Chakraborty Supriyo, Mittal Prateek, and Calo Seraphin. 2019. Analyzing federated learning through an adversarial lens. In Proceedings of the International Conference on Machine Learning. 634–643.Google Scholar
[6] Brendel Wieland, Rauber Jonas, and Bethge Matthias. 2018. Decision-based adversarial attacks: Reliable attacks against black-box machine learning models. In Proceedings of the International Conference on Learning Representations. 1–12.Google Scholar
[7] Chatfield Ken, Simonyan Karen, Vedaldi Andrea, and Zisserman Andrew. 2014. Return of the devil in the details: Delving deep into convolutional nets. Retrieved from https://arXiv:1405.3531Google Scholar
[8] Chen Xinyun, Liu Chang, Li Bo, Lu Kimberly, and Song Dawn. 2017. Targeted backdoor attacks on deep learning systems using data poisoning. Retrieved from https://arXiv:1712.05526Google Scholar
[9] Chen Xinyun, Liu Chang, Li Bo, Lu Kimberly, and Song Dawn. 2017. Targeted backdoor attacks on deep learning systems using data poisoning. Retrieved from https://arXiv:1712.05526Google Scholar
[10] Cheng Miaomiao, Jing Liping, and Ng Michael K.. 2020. Robust unsupervised cross-modal hashing for multimedia retrieval. ACM Trans. Info. Syst. 38, 3 (2020), 1–25.Google ScholarDigital Library
[11] Chua TatSeng, Tang Jinhui, Hong Richang, Li Haojie, Luo Zhiping, and Zheng Yantao. 2009. NUS-WIDE: A real-world web image database from national university of singapore. In Proceedings of the ACM International Conference on Image and Video Retrieval. 1–9.Google ScholarDigital Library
[12] Ding Guiguang, Guo Yuchen, and Zhou Jile. 2014. Collective matrix factorization hashing for multimodal data. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2075–2082.Google ScholarDigital Library
[13] Doan Bao Gia, Abbasnejad Ehsan, and Ranasinghe Damith C.. 2020. Februus: Input purification defense against trojan attacks on deep neural network systems. In Proceedings of the Annual Computer Security Applications Conference. 897–912.Google ScholarDigital Library
[14] Gao Kuofeng, Bai Jiawang, Chen Bin, Wu Dongxian, and Xia Shu-Tao. 2021. Clean-label backdoor attack against deep hashing based retrieval. Retrieved from https://arXiv:2109.08868Google Scholar
[15] Goodfellow Ian J., Shlens Jonathon, and Szegedy Christian. 2014. Explaining and harnessing adversarial examples. Retrieved from https://arXiv:1412.6572Google Scholar
[16] Hayase Jonathan, Kong Weihao, Somani Raghav, and Oh Sewoong. 2021. Spectre: Defending against backdoor attacks using robust statistics. In Proceedings of the International Conference on Machine Learning. 4129–4139.Google Scholar
[17] He Kaiming, Chen Xinlei, Xie Saining, Li Yanghao, Dollár Piotr, and Girshick Ross B.. 2022. Masked autoencoders are scalable vision learners. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 15979–15988.Google ScholarCross Ref
[18] Hu Fan, Chen Aozhu, and Li Xirong. 2023. Towards making a Trojan-Horse attack on text-to-image retrieval. In Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing. 1–5.Google ScholarCross Ref
[19] Hu Shengshan, Zhou Ziqi, Zhang Yechao, Zhang Leo Yu, Zheng Yifeng, He Yuanyuan, and Jin Hai. 2022. BadHash: Invisible backdoor attacks against deep hashing with clean label. In Proceedings of the ACM International Conference on Multimedia. 678–686.Google ScholarDigital Library
[20] Huiskes Mark J. and Lew Michael S.. 2008. The MIR flickr retrieval evaluation. In Proceedings of the ACM International Conference on Multimedia Information Retrieval. 39–43.Google ScholarDigital Library
[21] Inkawhich Nathan, Wen Wei, Li Hai (Helen), and Chen Yiran. 2019. Feature space perturbations yield more transferable adversarial examples. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 7066–7074.Google ScholarCross Ref
[22] Jagielski Matthew, Oprea Alina, Biggio Battista, Liu Chang, Nita-Rotaru Cristina, and Li Bo. 2018. Manipulating machine learning: Poisoning attacks and countermeasures for regression learning. In Proceedings of the IEEE Symposium on Security and Privacy. 19–35.Google ScholarCross Ref
[23] Jiang Qing-Yuan and Li Wu-Jun. 2017. Deep cross-modal hashing. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 3232–3240.Google ScholarCross Ref
[24] Jin Kaidi, Zhang Tianwei, Shen Chao, Chen Yufei, Fan Ming, Lin Chenhao, and Liu Ting. 2023. Can we mitigate backdoor attack using adversarial detection methods? IEEE Trans. Depend. Secure Comput. 20, 4 (2023), 2867–2881.Google ScholarDigital Library
[25] Kaur Parminder, Pannu Husanbir Singh, and Malhi Avleen Kaur. 2021. Comparative analysis on cross-modal information retrieval: A review. Comput. Sci. Rev. 39 (2021), 100336.Google ScholarCross Ref
[26] Kingma Diederik P. and Ba Jimmy. 2014. Adam: A method for stochastic optimization. Retrieved from https://arXiv:1412.6980Google Scholar
[27] Kurakin Alexey, Goodfellow Ian, and Bengio Samy. 2017. Adversarial examples in the physical world. In Proceedings of the International Conference on Learning Representations. 1–11.Google Scholar
[28] Li Chao, Gao Shangqian, Deng Cheng, Liu Wei, and Huang Heng. 2021. Adversarial attack on deep cross-modal hamming retrieval. In Proceedings of the IEEE International Conference on Computer Vision. 2218–2227.Google ScholarCross Ref
[29] Li Chao, Gao Shangqian, Deng Cheng, Xie De, and Liu Wei. 2019. Cross-modal learning with adversarial samples. Adv. Neural Info. Process. Syst. 32 (2019), 10791–10801.Google Scholar
[30] Li Chao, Tang Haoteng, Deng Cheng, Zhan Liang, and Liu Wei. 2020. Vulnerability vs. reliability: Disentangled adversarial examples for cross-modal learning. In Proceedings of the International Conference on Knowledge Discovery and Data Mining. 421–429.Google ScholarDigital Library
[31] Li Xuelong, Hu Di, and Nie Feiping. 2017. Deep binary reconstruction for cross-modal hashing. In Proceedings of the ACM International Conference on Multimedia. 1398–1406.Google ScholarDigital Library
[32] Li Yiming, Jiang Yong, Li Zhifeng, and Xia Shu-Tao. 2022. Backdoor learning: A survey. IEEE Trans. Neural Netw. Learn. Syst. 35, 1 (2022), 5–22.Google Scholar
[33] Li Yuezun, Li Yiming, Wu Baoyuan, Li Longkang, He Ran, and Lyu Siwei. 2021. Invisible backdoor attack with sample-specific triggers. In Proceedings of the IEEE International Conference on Computer Vision. 16443–16452.Google ScholarCross Ref
[34] Liang MeiYu, Du Junping, Cao Xiaowen, Yu Yang, Lu Kangkang, Xue Zhe, and Zhang Min. 2022. Semantic structure enhanced contrastive adversarial hash network for cross-media representation learning. In Proceedings of the ACM International Conference on Multimedia. 277–285.Google ScholarDigital Library
[35] Lin TsungYi, Maire Michael, Belongie Serge, Hays James, Perona Pietro, Ramanan Deva, Dollár Piotr, and Zitnick C. Lawrence. 2014. Microsoft coco: Common objects in context. In Proceedings of the European Conference on Computer Vision. 740–755.Google ScholarCross Ref
[36] Liu Kang, Dolan-Gavitt Brendan, and Garg Siddharth. 2018. Fine-pruning: Defending against backdooring attacks on deep neural networks. In Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses. 273–294.Google ScholarCross Ref
[37] Liu Yunfei, Ma Xingjun, Bailey James, and Lu Feng. 2020. Reflection backdoor: A natural backdoor attack on deep neural networks. In Proceedings of the European Conference on Computer Vision, Vol. 12355. 182–199.Google ScholarDigital Library
[38] Madry Aleksander, Makelov Aleksandar, Schmidt Ludwig, Tsipras Dimitris, and Vladu Adrian. 2017. Towards deep learning models resistant to adversarial attacks. Retrieved from https://arXiv:1706.06083Google Scholar
[39] Thanh Toan Nguyen, Quach Nguyen Duc Khang, Nguyen Thanh Tam, Huynh Thanh Trung, Vu Viet Hung, Nguyen Phi Le, Jo Jun, and Nguyen Quoc Viet Hung. 2023. Poisoning GNN-based recommender systems with generative surrogate-based attacks. ACM Trans. Info. Syst. 41, 3 (2023), 1–24.Google ScholarDigital Library
[40] Pereira Jose Costa, Coviello Emanuele, Doyle Gabriel, Rasiwasia Nikhil, Lanckriet Gert R. G., Levy Roger, and Vasconcelos Nuno. 2013. On the role of correlation and abstraction in cross-modal multimedia retrieval. IEEE Trans. Pattern Anal. Mach. Intell. 36, 3 (2013), 521–535.Google ScholarDigital Library
[41] Shafahi Ali, Huang W. Ronny, Najibi Mahyar, Suciu Octavian, Studer Christoph, Dumitras Tudor, and Goldstein Tom. 2018. Poison frogs! targeted clean-label poisoning attacks on neural networks. Adv. Neural Info. Process. Syst. 31 (2018).Google Scholar
[42] Su Shupeng, Zhong Zhisheng, and Zhang Chao. 2019. Deep joint-semantics reconstructing hashing for large-scale unsupervised cross-modal retrieval. In Proceedings of the IEEE International Conference on Computer Vision. 3027–3035.Google ScholarCross Ref
[43] Suya Fnu, Mahloujifar Saeed, Suri Anshuman, Evans David, and Tian Yuan. 2021. Model-targeted poisoning attacks with provable convergence. In Proceedings of the International Conference on Machine Learning. 10000–10010.Google Scholar
[44] Szegedy Christian, Zaremba Wojciech, Sutskever Ilya, Bruna Joan, Erhan Dumitru, Goodfellow Ian, and Fergus Rob. 2013. Intriguing properties of neural networks. Retrieved from https://arXiv:1312.6199Google Scholar
[45] Tang Ruixiang, Du Mengnan, Liu Ninghao, Yang Fan, and Hu Xia. 2020. An embarrassingly simple approach for trojan attack in deep neural networks. In Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data mining. 218–228.Google ScholarDigital Library
[46] Turner Alexander, Tsipras Dimitris, and Madry Aleksander. 2019. Label-consistent backdoor attacks. Retrieved from https://arXiv:1912.02771Google Scholar
[47] Sonsbeek Tom van and Worring Marcel. 2023. X-TRA: Improving chest X-ray tasks with cross-modal retrieval augmentation. In Proceedings of the International Conference on Information Processing in Medical Imaging. 471–482.Google ScholarDigital Library
[48] Wang Binghui, Cao Xiaoyu, Gong Neil Zhenqiang et al. 2020. On certifying robustness against backdoor attacks via randomized smoothing. Retrieved from https://arXiv:2002.11750Google Scholar
[49] Wang Bolun, Yao Yuanshun, Shan Shawn, Li Huiying, Viswanath Bimal, Zheng Haitao, and Zhao Ben Y.. 2019. Neural cleanse: Identifying and mitigating backdoor attacks in neural networks. In Proceedings of the IEEE Symposium on Security and Privacy. 707–723.Google ScholarCross Ref
[50] Wang Kaiye, Yin Qiyue, Wang Wei, Wu Shu, and Wang Liang. 2016. A comprehensive survey on cross-modal retrieval. Retrieved from https://arXiv:1607.06215Google Scholar
[51] Wang Tianshi, Zhu Lei, Zhang Zheng, Zhang Huaxiang, and Han Junwei. 2023. Targeted adversarial attack against deep cross-modal hashing retrieval. IEEE Trans. Circ. Syst. Video Technol. 33, 10 (2023), 6159–6172.Google ScholarDigital Library
[52] Wang Xunguang, Zhang Zheng, Wu Baoyuan, Shen Fumin, and Lu Guangming. 2021. Prototype-supervised adversarial network for targeted attack of deep hashing. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 16357–16366.Google ScholarCross Ref
[53] Wei Yanheng, Huang Lianghua, Zhang Yanhao, Zheng Yun, and Pan Pan. 2022. An intelligent advertisement short video production system via multi-modal retrieval. In Proceedings of the International ACM SIGIR Conference on Research and Development in Information Retrieval. 3368–3372.Google ScholarDigital Library
[54] Wu Baoyuan, Chen Hongrui, Zhang Mingda, Zhu Zihao, Wei Shaokui, Yuan Danni, and Shen Chao. 2022. Backdoorbench: A comprehensive benchmark of backdoor learning. Adv. Neural Info. Process. Syst. 35 (2022), 10546–10559.Google Scholar
[55] Wu Baoyuan, Liu Li, Zhu Zihao, Liu Qingshan, He Zhaofeng, and Lyu Siwei. 2023. Adversarial machine learning: A systematic survey of backdoor attack, weight attack and adversarial example. Retrieved from https://arXiv:2302.09457Google Scholar
[56] Wu Chen, Zhang Ruqing, Guo Jiafeng, Rijke Maarten De, Fan Yixing, and Cheng Xueqi. 2023. Prada: Practical black-box adversarial attacks against neural ranking models. ACM Trans. Info. Syst. 41, 4 (2023), 1–27.Google ScholarDigital Library
[57] Xiao Yanru and Wang Cong. 2021. You see what I want you to see: Exploring targeted black-box transferability attack for hash-based image retrieval systems. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 1934–1943.Google ScholarCross Ref
[58] Xie Chulin, Huang Keli, Chen Pin Yu, and Li Bo. 2020. DBA: Distributed backdoor attacks against federated learning. In Proceedings of the International Conference on Learning Representations.Google Scholar
[59] Xie De, Deng Cheng, Li Chao, Liu Xianglong, and Tao Dacheng. 2020. Multi-task consistency-preserving adversarial hashing for cross-modal retrieval. IEEE Trans. Image Process. 29 (2020), 3626–3637.Google ScholarDigital Library
[60] Xu Zhirong, Wen Shiyang, Wang Junshan, Liu Guojun, Wang Liang, Yang Zhi, Ding Lei, Zhang Yan, Zhang Di, Xu Jian, and Zheng Bo. 2022. AMCAD: Adaptive mixed-curvature representation based advertisement retrieval system. In Proceedings of the IEEE International Conference on Data Engineering. 3439–3452.Google ScholarCross Ref
[61] Yang Erkun, Liu Tongliang, Deng Cheng, and Tao Dacheng. 2018. Adversarial examples for hamming space search. IEEE Trans. Cybernet. 50, 4 (2018), 1473–1484.Google ScholarCross Ref
[62] Zeng Yi, Park Won, Mao Z. Morley, and Jia Ruoxi. 2021. Rethinking the backdoor attacks’ triggers: A frequency perspective. In Proceedings of the IEEE International Conference on Computer Vision. 16453–16461.Google Scholar
[63] Zhang PengFei, Li Yang, Huang Zi, and Xu XinShun. 2022. Aggregation-based graph convolutional hashing for unsupervised cross-modal retrieval. IEEE Trans. Multimedia 24 (2022), 466–479.Google ScholarDigital Library
[64] Zhang Peng-Fei, Bai Guangdong, Yin Hongzhi, and Huang Zi. 2023. Proactive privacy-preserving learning for cross-modal retrieval. ACM Trans. Info. Syst. 41, 2 (2023), 1–23.Google ScholarDigital Library
[65] Zhang Yong, Ou Weihua, Shi Yufeng, Deng Jiaxin, You Xinge, and Wang Anzhi. 2022. Deep medical cross-modal attention hashing. Proc. World Wide Web 25, 4 (2022), 1519–1536.Google ScholarDigital Library
[66] Zhao Mengchen, An Bo, Gao Wei, and Zhang Teng. 2017. Efficient label contamination attacks against black-box learning models. In Proceedings of the International Joint Conference on Artificial Intelligence. 3945–3951.Google ScholarCross Ref
[67] Zhu Lei, Wang Tianshi, Li Fengling, Li Jingjing, Zhang Zheng, and Shen Heng Tao. 2016. Cross-modal retrieval: A systematic review of methods and future directions. Retrieved from https://arXiv:2308.14263Google Scholar
[68] Zhu Lei, Wang Tianshi, Li Jingjing, Zhang Zheng, Shen Jialie, and Wang Xinhua. 2022. Efficient query-based black-box attack against cross-modal hashing retrieval. ACM Trans. Info. Syst. 41, 3 (2022), 1–25.Google Scholar
[69] Zhu Lei, Zheng Chaoqun, Guan Weili, Li Jingjing, Yang Yang, and Shen Heng Tao. 2023. Multi-modal hashing for efficient multimedia retrieval: A survey. IEEE Trans. Knowl. Data Eng. 36, 1 (2023), 239–260.Google Scholar
[70] Zhu Xiaofeng, Huang Zi, Shen Heng Tao, and Zhao Xin. 2013. Linear cross-modal hashing for efficient multimedia search. In Proceedings of the ACM International Conference on Multimedia. 143–152.Google ScholarDigital Library

Index Terms

Invisible Black-Box Backdoor Attack against Deep Cross-Modal Hashing Retrieval
1. Information systems
  1. Information retrieval
    1. Specialized information retrieval
      1. Multimedia and multimodal retrieval

Recommendations

Efficient Query-based Black-box Attack against Cross-modal Hashing Retrieval
Deep cross-modal hashing retrieval models inherit the vulnerability of deep neural networks. They are vulnerable to adversarial attacks, especially for the form of subtle perturbations to the inputs. Although many adversarial attack methods have been ...
Read More
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label
MM '22: Proceedings of the 30th ACM International Conference on Multimedia

Due to its powerful feature learning capability and high efficiency, deep hashing has achieved great success in large-scale image retrieval. Meanwhile, extensive works have demonstrated that deep neural networks (DNNs) are susceptible to adversarial ...
Read More
IMTM: Invisible Multi-trigger Multimodal Backdoor Attack
Natural Language Processing and Chinese Computing
Abstract
Computer Vision and Natural Language Processing have made significant advancements, leading to the emergence of multimodal models that seamlessly integrate diverse input modalities. While these models hold great potential for various applications, ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in

ACM Transactions on Information Systems Volume 42, Issue 4
July 2024
751 pages
ISSN:1046-8188
EISSN:1558-2868
DOI:10.1145/3613639
Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 26 April 2024
- Online AM: 2 March 2024
- Accepted: 21 February 2024
- Revised: 6 January 2024
- Received: 3 September 2023
Published in tois Volume 42, Issue 4

Check for updates
Author Tags
Backdoor attack
black-box attack
imperceptible trigger
deep cross-modal hashing retrieval
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 165
  Total Downloads
- Downloads (Last 12 months)165
- Downloads (Last 6 weeks)91
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Full Text

View this article in Full Text.

View Full Text

Invisible Black-Box Backdoor Attack against Deep Cross-Modal Hashing Retrieval

ACM Transactions on Information Systems

Abstract

REFERENCES

Cited By

Index Terms

Recommendations

Efficient Query-based Black-box Attack against Cross-modal Hashing Retrieval

BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label

IMTM: Invisible Multi-trigger Multimodal Backdoor Attack

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Full Text

Caption

Invisible Black-Box Backdoor Attack against Deep Cross-Modal Hashing Retrieval

ACM Transactions on Information Systems

Abstract

REFERENCES

Cited By

Index Terms

Recommendations

Efficient Query-based Black-box Attack against Cross-modal Hashing Retrieval

BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label

IMTM: Invisible Multi-trigger Multimodal Backdoor Attack

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Full Text

Share this Publication link

Share on Social Media