Metric learning versus classification for facial recognition model robustness against adversarial attack

Abstract

Facial recognition using deep learning models has gained much attention because of its high performance and ability to represent features in the most abstract manner enabling the models to extract the most important features. Researchers found that these deep learning models are susceptible to adversarial attacks, which have the ability to fool them into producing incorrect outputs. Many researchers have looked into methods to make these models robust. Still, they mainly focus on classification models, and adversarial attacks on metric learning models have not received as much attention. In this research, the vulnerability of classification and metric learning models against adversarial attacks was compared.Various adversarial techniques were explored to assess their effects on classification and metric learning approaches in the context of improving model robustness against multiple attacks. The performance comparison revealed that the triplet loss with ResNet-50 backbone outperformed all other models, while the SENet with Cross-Entropy exhibited the lowest performance among the approaches studied.