Lack of generalization to unseen domains/attacks is the Achilles heel of most face presentation attack detection (FacePAD) algorithms. Existing attempts to enhance the generalizability of FacePAD solutions assume that data from multiple source domains are available with a single entity to enable centralized training. In practice, data from different source domains may be collected by diverse entities, who are often unable to share their data due to legal and privacy constraints. While collaborative learning paradigms such as federated learning (FL) can overcome this problem, standard FL methods are ill-suited for domain generalization because they struggle to surmount the twin challenges of handling non-iid client data distributions during training and generalizing to unseen domains during inference. In this work, a novel framework called Federated Split learning with Intermediate representation Sampling (FedSIS) is introduced for privacy-preserving domain generalization. In FedSIS, a hybrid Vision Transformer (ViT) architecture is learned using a combination of FL and split learning to achieve robustness against statistical heterogeneity in the client data distributions without any sharing of raw data (thereby preserving privacy). To further improve generalization to unseen domains, a novel feature augmentation strategy called intermediate representation sampling is employed, and discriminative information from intermediate blocks of a ViT is distilled using a shared adapter network. The FedSIS approach has been evaluated on two well-known benchmarks for cross-domain FacePAD to demonstrate that it is possible to achieve state-of-the-art generalization performance without data sharing. Code: https://github.com/Naiftt/FedSIS

翻译：缺乏对未知域/攻击的泛化能力是人脸呈现攻击检测（FacePAD）算法的致命弱点。现有增强FacePAD解决方案泛化能力的尝试假设多个源域的数据可由单一实体获取以实现集中式训练。在实践中，不同源域的数据可能由不同实体收集，这些实体往往因法律和隐私约束而无法共享数据。尽管联邦学习等协作学习范式可解决此问题，但标准联邦学习方法因难以克服训练时处理非独立同分布客户端数据分布与推理时泛化至未知域的双重挑战，不适用于域泛化。本文提出一种新颖的框架——联邦分割学习与中间表示采样（FedSIS），用于隐私保护的域泛化。在FedSIS中，通过联邦学习与分割学习的组合训练混合视觉Transformer架构，在不共享原始数据（从而保护隐私）的前提下，实现对客户端数据分布统计异质性的鲁棒性。为进一步提升对未知域的泛化能力，采用名为中间表示采样的新颖特征增强策略，并通过共享适配器网络蒸馏视觉Transformer中间块的判别性信息。该FedSIS方法已在两个公认的跨域人脸呈现攻击检测基准上评估，证明无需数据共享即可实现最先进的泛化性能。代码：https://github.com/Naiftt/FedSIS