FedReverse: Multiparty Reversible Deep Neural Network Watermarking
CoRR(2023)
Abstract
The proliferation of Deep Neural Networks (DNN) in commercial applications is
expanding rapidly. Simultaneously, the increasing complexity and cost of
training DNN models have intensified the urgency surrounding the protection of
intellectual property associated with these trained models. In this regard, DNN
watermarking has emerged as a crucial safeguarding technique. This paper
presents FedReverse, a novel multiparty reversible watermarking approach for
robust copyright protection while minimizing performance impact. Unlike
existing methods, FedReverse enables collaborative watermark embedding from
multiple parties after model training, ensuring individual copyright claims. In
addition, FedReverse is reversible, enabling complete watermark removal with
unanimous client consent. FedReverse demonstrates perfect covering, ensuring
that observations of watermarked content do not reveal any information about
the hidden watermark. Additionally, it showcases resistance against Known
Original Attacks (KOA), making it highly challenging for attackers to forge
watermarks or infer the key. This paper further evaluates FedReverse through
comprehensive simulations involving Multi-layer Perceptron (MLP) and
Convolutional Neural Networks (CNN) trained on the MNIST dataset. The
simulations demonstrate FedReverse's robustness, reversibility, and minimal
impact on model accuracy across varying embedding parameters and multiple
client scenarios.