Paper Image

Probabilistic verification of neural network ownership

Published on:

16 January 2024

Primary Category:

Cryptography and Security

Paper Authors:

Mikhail Pautov,

Nikita Bogdanov,

Stanislav Pyatkin,

Oleg Rogov,

Ivan Oseledets

Bullets

Key Details

Proposes trigger set-based watermarking resilient to functionality stealing

Computes trigger set transferable to proxy models mimicking stolen copies

Does not require additional model training or specific architecture

Outperforms state-of-the-art watermarking techniques

AI generated summary

Probabilistic verification of neural network ownership

This paper introduces a novel trigger set-based watermarking approach to confirm ownership of stolen deep learning models. The key idea is computing a trigger set transferable from the source model to proxy models that mimic stolen copies. Experiments show the approach is resilient to functionality stealing attacks and outperforms state-of-the-art watermarking techniques.

Answers from this paper

Comments

No comments yet, be the first to start the conversation...

Sign up to comment on this paper

Sign Up