Advancing Deep Metric Learning With Adversarial Robustness
Proceedings of the 15th Asian Conference on Machine Learning, PMLR 222:1231-1246, 2024.
Abstract
Deep Metric Learning (DML) is a prominent subfield of machine learning with extensive practical applications in learning visual similarities. However, DML systems are vulnerable to input distributions during inference that differ from the training data, such as adversarial examples (AXs). In this paper, we introduce MDProp, a framework that enhances the clean data performance and adversarial robustness of DML models by generating novel Multi-Targeted AXs and Unadversarial Examples, in addition to conventional single-targeted AXs, in the feature space. To handle the input distribution shift caused by the generated novel input distributions, MDProp scales the separate batch normalization layer strategy. Our comprehensive experimental analysis demonstrates that MDProp outperforms current state-of-the-art convolutional neural networks by up to 2.95% in terms of R@1 scores for clean data, while simultaneously improving adversarial robustness by up to 2.12 times. Additionally, MDProp achieves state-of-the-art results in a data-scarce setting while utilizing only half of the training data. Implementation is available at https://github.com/intherejeet/MDProp.