Single-Side Domain Generalization for Face Anti-Spoofing (2004.14043v1)

Abstract: Existing domain generalization methods for face anti-spoofing endeavor to extract common differentiation features to improve the generalization. However, due to large distribution discrepancies among fake faces of different domains, it is difficult to seek a compact and generalized feature space for the fake faces. In this work, we propose an end-to-end single-side domain generalization framework (SSDG) to improve the generalization ability of face anti-spoofing. The main idea is to learn a generalized feature space, where the feature distribution of the real faces is compact while that of the fake ones is dispersed among domains but compact within each domain. Specifically, a feature generator is trained to make only the real faces from different domains undistinguishable, but not for the fake ones, thus forming a single-side adversarial learning. Moreover, an asymmetric triplet loss is designed to constrain the fake faces of different domains separated while the real ones aggregated. The above two points are integrated into a unified framework in an end-to-end training manner, resulting in a more generalized class boundary, especially good for samples from novel domains. Feature and weight normalization is incorporated to further improve the generalization ability. Extensive experiments show that our proposed approach is effective and outperforms the state-of-the-art methods on four public databases.

Single-Side Domain Generalization for Face Anti-Spoofing: An Overview

This paper addresses a critical challenge in face recognition technology—face anti-spoofing—by proposing a novel framework termed Single-Side Domain Generalization (SSDG). Face anti-spoofing is essential because face recognition systems are vulnerable to various presentation attacks, such as print, video, and 3D mask attacks. These attacks pose considerable security risks, making robust face anti-spoofing methods crucial for systems relying on biometric authentication.

Traditional domain generalization (DG) strategies for face anti-spoofing typically aim to extract shared features across domains to improve generalization. However, the authors identify a problem with these methods: the distribution discrepancies among fake faces from different domains make it challenging to create a generalized feature space that includes both real and fake faces. Thus, the SSDG framework is specifically designed to overcome this limitation by focusing on asymmetric optimization goals for real and fake faces.

Core Contributions

1. Single-Side Adversarial Learning: The SSDG framework incorporates a single-side adversarial learning approach, which compacts the distribution of real faces across all domains while allowing the distribution of fake faces to remain dispersed. This is achieved by training a feature generator in an adversarial manner against a domain discriminator, but only for real faces. This differentiation helps in learning a more robust feature space that can generalize better to novel domains.
2. Asymmetric Triplet Loss: To further capitalize on the distinct characteristics of real and fake faces, the authors introduce an asymmetric triplet loss. This loss separates fake faces of different domains and simultaneously aggregates real faces, ensuring that within the generalizable feature space, fake faces are more dispersed while real faces are compact. This contributes to achieving a class boundary that generalizes effectively to unseen domains.
3. Feature and Weight Normalization: The framework includes normalization techniques to enhance the model's robustness. Feature normalization addresses variability in image quality across domains by ensuring uniform feature norms. Additionally, weight normalization is applied to facilitate discriminative learning by fixing the length of the weight vectors, leading to a more consistent decision boundary.

Experimental Results and Implications

Through extensive experiments on four public databases (OULU-NPU, CASIA-FASD, Idiap Replay-Attack, and MSU-MFSD), the SSDG framework demonstrates superior performance compared to existing methods. The framework achieves notable improvements in Half Total Error Rate (HTER) and Area Under Curve (AUC) metrics across various testing scenarios. The paper also provides visualizations like Grad-CAM and t-SNE plots to illustrate the effectiveness of feature distribution achieved by SSDG.

These numerical results highlight the practical implications of the framework: by adopting asymmetric learning strategies that account for the intrinsic differences between real and fake face distributions, face anti-spoofing systems can achieve enhanced generalization capabilities without prior knowledge of the target domain.

Future Prospects

The SSDG framework opens multiple avenues for future exploration. Further refinement of asymmetric learning goals might involve dividing fake faces based on attack types rather than domains, which could refine the framework's ability to generalize to unseen presentation attack types. Additionally, integrating the SSDG approach with more advanced network architectures holds potential for even greater improvements in performance.

In conclusion, this work significantly contributes to the domain of face anti-spoofing by providing a robust solution to the challenges of domain generalization, emphasizing the need for differentiated treatment of real and fake face distributions to improve overall system robustness.