Constraint-optimized keypoint inhibition/insertion attack: security threat to scale-space image feature extraction

Abstract

Scale-space image feature extraction (SSIFE) has been widely adopted in broad areas due to its powerful resilience to attacks. However, the security threat to SSIFE-based applications, which will be addressed in this paper, is relatively unexplored. The security threat to SSIFT (called ST-SSIFE), composed of a constrained-optimization keypoint inhibition attack (KIHA) and a keypoint insertion attack (KISA), is specifically designed in this paper for scale-space feature extraction methods, such as SIFT and SURF. In ST-SSIFE, KIHA aims at making a fool of feature extraction protocols in that the detection rules are purposely violated so as to suppress the existence of a local maximum around a local region. We show that KIHA can be accomplished quickly via Lagrange multiplier but the resultant new keypoint generation (NKG) problem can be solved via Karush Kuhn Tucker (KKT) conditions. In order to leverage among keypoint removal with minimum distortion, suppression of NKG, and complexity, we further present a hybrid scheme of integrating Lagrange multiplier and KKT conditions. On the other hand, KISA is designed via an efficient coarse-to-fine descriptor matching strategy to yield fake feature points so as to create false positives. Experiments, conducted on keypoint removal rate evaluation and an image copy detection method operating on a web-scale image database as a case study, demonstrate the feasibility of our method.