Robust Watermarking for Neural Network Models Using Residual Network

被引:1
|
作者
Wang, Lecong [1 ]
Wang, Zichi [2 ]
Li, Xinran [1 ]
Qin, Chuan [1 ]
机构
[1] Univ Shanghai Sci & Technol, Sch Opt Elect & Comp Engn, Shanghai, Peoples R China
[2] Shanghai Univ, Sch Commun & Informat Engn, Shanghai, Peoples R China
来源
2022 IEEE 24TH INTERNATIONAL WORKSHOP ON MULTIMEDIA SIGNAL PROCESSING (MMSP) | 2022年
基金
中国国家自然科学基金; 上海市自然科学基金;
关键词
Digital watermarking; robustness; neural networks; residual block;
D O I
10.1109/MMSP55362.2022.9949601
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
The training process of a neural network model requires plenty of costs, and so the intellectual property of neural network models should be protected. To this end, we propose a robust watermarking scheme for neural network models in this paper. In our scheme, an independent network is specially designed to help embedding watermarks into a given host network, and also be used for watermark extraction. The independent network is designed based on the residual structure which is sensitive to the parameter changes of the host network and conducive to finding suitable embedding locations. In addition, some residual blocks are randomly discarded during watermark embedding, which can increase the robustness against popular model attacks. Experimental results show that our scheme achieves satisfactory watermark verification performance without decreasing the original performance of the host network, even if the host network has been maliciously tampered.
引用
收藏
页数:6
相关论文
共 50 条
  • [21] Neural network based robust image watermarking technique in LWT domain
    Islam, Mohiul
    Roy, Amarjit
    Laskar, Rabul Hussain
    JOURNAL OF INTELLIGENT & FUZZY SYSTEMS, 2018, 34 (03) : 1691 - 1700
  • [22] A robust approach of watermarking in contourlet domain based on probabilistic neural network
    Jia-Xing Liu
    Xian-bin Wen
    Li-Ming Yuan
    Hai-Xia Xu
    Multimedia Tools and Applications, 2017, 76 : 24009 - 24026
  • [23] Copyright protection of deep neural network models using digital watermarking: a comparative study
    Alaa Fkirin
    Gamal Attiya
    Ayman El-Sayed
    Marwa A. Shouman
    Multimedia Tools and Applications, 2022, 81 : 15961 - 15975
  • [24] Copyright protection of deep neural network models using digital watermarking: a comparative study
    Fkirin, Alaa
    Attiya, Gamal
    El-Sayed, Ayman
    Shouman, Marwa A.
    MULTIMEDIA TOOLS AND APPLICATIONS, 2022, 81 (11) : 15961 - 15975
  • [25] Deep neural network-based robust hologram watermarking using guided attack module
    Lee, EunSeong
    Piao, ZhengHui
    Sim, Donggyu
    Seo, Young-Ho
    EXPERT SYSTEMS WITH APPLICATIONS, 2024, 249
  • [26] Robust Black-box Watermarking for Deep Neural Network using Inverse Document Frequency
    Yadollahi, Mohammad Mehdi
    Shoeleh, Farzaneh
    Dadkhah, Sajjad
    Ghorbani, Ali A.
    2021 IEEE INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, INTL CONF ON CLOUD AND BIG DATA COMPUTING, INTL CONF ON CYBER SCIENCE AND TECHNOLOGY CONGRESS DASC/PICOM/CBDCOM/CYBERSCITECH 2021, 2021, : 574 - 581
  • [27] Using counter-propagation neural network for robust digital audio watermarking in DWT domain
    Chuan-Yu Chang
    Wen-Chih Shen
    Hung-Jen Wang
    2006 IEEE INTERNATIONAL CONFERENCE ON SYSTEMS, MAN, AND CYBERNETICS, VOLS 1-6, PROCEEDINGS, 2006, : 1214 - 1219
  • [28] Image watermarking capacity analysis using neural network
    Zhang, F
    Zhang, HB
    IEEE/WIC/ACM INTERNATIONAL CONFERENCE ON WEB INTELLIGENCE (WI 2004), PROCEEDINGS, 2004, : 461 - 464
  • [29] Adaptive digital watermarking using neural network technique
    Lou, DC
    Liu, JL
    Hu, MC
    37TH ANNUAL 2003 INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY, PROCEEDINGS, 2003, : 325 - 332
  • [30] Interpreting neural network models of residual scalar flux
    Portwood, G. D.
    Nadiga, B. T.
    Saenz, J. A.
    Livescu, D.
    JOURNAL OF FLUID MECHANICS, 2021, 907
12345