DeepWatermark: Embedding Watermark into DNN Model

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

For the protection of trained deep neural network(DNN) model, it has been studied to embed a watermark into the weights of DNN. However, the amount of changes in the weights is large in the conventional methods. In addition, it is reported that the presence of hidden watermark can be detected from the analysis of weight variance, and that the watermark can be modified by effectively adding noise to the weight. In this paper, we focus on the fully-connected layers and apply a quantization-based watermarking method to the weights sampled from the layers. The advantage of the proposed method is that the changes caused by embedding watermark is much smaller and measurable. This is effective against the problems of previous works. The validity of the proposed method is quantitatively evaluated by changing the conditions during the training of DNN model. The results include the impact of training for DNN model, effective embedding method, and high robustness.

Original languageEnglish
Title of host publication2020 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference, APSIPA ASC 2020 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1340-1346
Number of pages7
ISBN (Electronic)9789881476883
Publication statusPublished - Dec 7 2020
Event2020 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference, APSIPA ASC 2020 - Virtual, Auckland, New Zealand
Duration: Dec 7 2020Dec 10 2020

Publication series

Name2020 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference, APSIPA ASC 2020 - Proceedings

Conference

Conference2020 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference, APSIPA ASC 2020
Country/TerritoryNew Zealand
CityVirtual, Auckland
Period12/7/2012/10/20

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Computer Vision and Pattern Recognition
  • Hardware and Architecture
  • Signal Processing
  • Decision Sciences (miscellaneous)
  • Instrumentation

Fingerprint

Dive into the research topics of 'DeepWatermark: Embedding Watermark into DNN Model'. Together they form a unique fingerprint.

Cite this