{"title":"DNN Watermarking: Four Challenges and a Funeral","authors":"M. Barni, F. Pérez-González, B. Tondi","doi":"10.1145/3437880.3460399","DOIUrl":null,"url":null,"abstract":"The demand for methods to protect the Intellectual Property Rights (IPR) associated to Deep Neural Networks (DNNs) is rising. Watermarking has been recently proposed as a way to protect the IPR of DNNs and track their usages. Although a number of techniques for media watermarking have been proposed and developed over the past decades, their direct translation to DNN watermarking faces the problem of the embedding being carried out on functionals instead of signals. This originates differences not only in the way performance, robustness and unobtrusiveness are measured, but also on the embedding domain, since there is the possibility of hiding information in the model behavior. In this paper, we discuss these dissimilarities that lead to a DNN-specific taxonomy of watermarking techniques. Then, we present four challenges specific to DNN watermarking that, for their practical importance and theoretical interest, should occupy the agenda of researchers in the next years. Finally, we discuss some bad practices that negatively affected research in media watermarking and that should not be repeated in the case of DNNs.","PeriodicalId":120300,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3437880.3460399","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 16
Abstract
The demand for methods to protect the Intellectual Property Rights (IPR) associated to Deep Neural Networks (DNNs) is rising. Watermarking has been recently proposed as a way to protect the IPR of DNNs and track their usages. Although a number of techniques for media watermarking have been proposed and developed over the past decades, their direct translation to DNN watermarking faces the problem of the embedding being carried out on functionals instead of signals. This originates differences not only in the way performance, robustness and unobtrusiveness are measured, but also on the embedding domain, since there is the possibility of hiding information in the model behavior. In this paper, we discuss these dissimilarities that lead to a DNN-specific taxonomy of watermarking techniques. Then, we present four challenges specific to DNN watermarking that, for their practical importance and theoretical interest, should occupy the agenda of researchers in the next years. Finally, we discuss some bad practices that negatively affected research in media watermarking and that should not be repeated in the case of DNNs.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
