Model Inversion Attack Against Deep Hashing
2025 Β· Dongdong Zhao, Qiben Xu, Ranxin Fang, et al.
Abstract
Deep hashing improves retrieval efficiency through compact binary codes, yet it introduces severe and often overlooked privacy risks. The ability to reconstruct original training data from hash codes could lead to serious threats such as biometric forgery and privacy breaches. However, model inversion attacks specifically targeting deep hashing models remain unexplored, leaving their security implications unexamined. This research gap stems from the inaccessibility of genuine training hash codes and the highly discrete Hamming space, which prevents existing methods from adapting to deep hashing. To address these challenges, we propose DHMI, the first diffusion-based model inversion framework designed for deep hashing. DHMI first clusters an auxiliary dataset to derive semantic hash centers as surrogate anchors. It then introduces a surrogate-guided denoising optimization method that leverages a novel attack metric (fusing classification consistency and hash proximity) to dynamically se
Authors
(none)
Tags
Stats
Related papers
- Darkhash: A Data-free Backdoor Attack Against Deep Hashing (2025)2.26
- Diffhash: Text-guided Targeted Attack Via Diffusion Models Against Deep Hashing Image Retrieval (2025)0.00
- Clean Image May Be Dangerous: Data Poisoning Attacks Against Deep Hashing (2025)0.00
- Badhash: Invisible Backdoor Attacks Against Deep Hashing With Clean Label (2022)11.19
- Semantic-aware Adversarial Training For Reliable Deep Hashing Retrieval (2023)13.49
- Targeted Attack For Deep Hashing Based Retrieval (2020)13.65
- HHF: Hashing-guided Hinge Function For Deep Hashing Retrieval (2021)14.24
- Deep Self-adaptive Hashing For Image Retrieval (2021)8.35