Robust Watermarking for Neural Network Models Using Residual Network

被引:1
|
作者
Wang, Lecong [1 ]
Wang, Zichi [2 ]
Li, Xinran [1 ]
Qin, Chuan [1 ]
机构
[1] Univ Shanghai Sci & Technol, Sch Opt Elect & Comp Engn, Shanghai, Peoples R China
[2] Shanghai Univ, Sch Commun & Informat Engn, Shanghai, Peoples R China
来源
2022 IEEE 24TH INTERNATIONAL WORKSHOP ON MULTIMEDIA SIGNAL PROCESSING (MMSP) | 2022年
基金
中国国家自然科学基金; 上海市自然科学基金;
关键词
Digital watermarking; robustness; neural networks; residual block;
D O I
10.1109/MMSP55362.2022.9949601
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
The training process of a neural network model requires plenty of costs, and so the intellectual property of neural network models should be protected. To this end, we propose a robust watermarking scheme for neural network models in this paper. In our scheme, an independent network is specially designed to help embedding watermarks into a given host network, and also be used for watermark extraction. The independent network is designed based on the residual structure which is sensitive to the parameter changes of the host network and conducive to finding suitable embedding locations. In addition, some residual blocks are randomly discarded during watermark embedding, which can increase the robustness against popular model attacks. Experimental results show that our scheme achieves satisfactory watermark verification performance without decreasing the original performance of the host network, even if the host network has been maliciously tampered.
引用
收藏
页数:6
相关论文
共 50 条
  • [31] Robust adaptive beamforming via residual convolutional neural network
    Liu, Fulai
    Qin, Dongbao
    Li, Xubin
    Du, Yufeng
    Dou, Xiuquan
    Du, Ruiyan
    INTERNATIONAL JOURNAL OF MICROWAVE AND WIRELESS TECHNOLOGIES, 2024, 16 (06) : 1024 - 1032
  • [32] Neural Network Verification Using Residual Reasoning
    Elboher, Yizhak Yisrael
    Cohen, Elazar
    Katz, Guy
    SOFTWARE ENGINEERING AND FORMAL METHODS, SEFM 2022, 2022, 13550 : 173 - 189
  • [33] Gaze Estimation Using Residual Neural Network
    Wong, En Teng
    Yean, Seanglidet
    Hu, Qingyao
    Lee, Bu Sung
    Liu, Jigang
    Deepu, Rajan
    2019 IEEE INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING AND COMMUNICATIONS WORKSHOPS (PERCOM WORKSHOPS), 2019, : 411 - 414
  • [34] How robust are neural network models of stimulus generalization?
    Franks, Daniel W.
    Ruxton, Graeme D.
    BIOSYSTEMS, 2008, 92 (02) : 175 - 181
  • [35] An artificial neural network-based scheme for robust watermarking of audio signals
    Yang, HJ
    Patra, JC
    Chan, CW
    2002 IEEE INTERNATIONAL CONFERENCE ON ACOUSTICS, SPEECH, AND SIGNAL PROCESSING, VOLS I-IV, PROCEEDINGS, 2002, : 1029 - 1032
  • [36] Securing IP in edge AI: neural network watermarking for multimodal models
    Nie, Hewang
    Lu, Songfeng
    APPLIED INTELLIGENCE, 2024, 54 (21) : 10455 - 10472
  • [37] Audio Watermarking Algorithm Robust to TSM Based on Counter Propagation Neural Network
    Jin, Wenbiao
    Dai, Hongliang
    Zhang, Zhifeng
    PROCEEDINGS OF THE 2009 2ND INTERNATIONAL CONGRESS ON IMAGE AND SIGNAL PROCESSING, VOLS 1-9, 2009, : 1480 - +
  • [38] Robust image watermarking scheme with general regression neural network and FCM algorithm
    Jing, Li
    Liu, Fenlin
    Liu, Bin
    ADVANCED INTELLIGENT COMPUTING THEORIES AND APPLICATIONS, PROCEEDINGS: WITH ASPECTS OF THEORETICAL AND METHODOLOGICAL ISSUES, 2008, 5226 : 243 - +
  • [39] Robust Malware Detection using Residual Attention Network
    Ganesan, Shamika
    Ravi, Vinayakumar
    Krichen, Moez
    Sowmya, V
    Alroobaea, Roobaea
    Soman, K. P.
    2021 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS (ICCE), 2021,
  • [40] Image watermarking capacity analysis using Hopfield neural network
    Zhang, F
    Zhang, HB
    ADVANCES IN MULTIMEDIA INFORMATION PROCESSING - PCM 2004, PT 3, PROCEEDINGS, 2004, 3333 : 755 - 762
12345