Abstract

With the growing number of tasks solved using deep learning methods, the need for protection against unauthorized distribution of the intellectual property such as pre-trained models of deep neural networks is growing. To date, one of the most common ways to protect copyright in the digital space is through embedding digital watermarks. When solving the problem of watermark embedding, an important criterion is the preservation of the model prediction accuracy after introducing the protective information. In this paper, we propose a method for embedding digital watermarks into image classification models based on adding images obtained by superimposing pseudo-holograms on images of the original dataset to the training set. A pseudo-hologram is an image synthesized on the basis of a given binary sequence by arranging pulses for bit encoding in the spectral region. Results of the experimental study show that the proposed method allows one to maintain the classification quality, while also retaining its performance regardless of the architecture of the protected neural network. The conducted series of attacks on protected models show that attempts of an attacker to completely remove the watermark will almost inevitably lead to a significant loss in the model prediction quality. The results of the experiments also include recommendations on the choice of method parameters, such as the size of the trigger and training sets, as well as the length of sequences encoded by pseudo-holograms.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Assessment of Therapeutic Responses Using a Deep Neural Network Based on 18F-FDG PET and Blood Inflammatory Markers in Pyogenic Vertebral Osteomyelitis.
Hyunkwang Shin ... Eunjung Kong
Medicina (Kaunas, Lithuania) | VOL. 58
Hyunkwang Shin, et. al.Hyunkwang Shin ... Eunjung Kong
21 Nov 2022
Transfer learning model for estimating site amplification factors from limited microtremor H/V spectral ratios
Da Pan ... Hiroyuki Miura
Geophysical Journal International | VOL. -
Da Pan, et. al.Da Pan ... Hiroyuki Miura
22 Feb 2024
Comparison of ARIMA model, DNN model and LSTM model in predicting disease burden of occupational pneumoconiosis in Tianjin, China
He-Ren Lou ... Ya Gao
BMC Public Health | VOL. 22
He-Ren Lou, et. al.He-Ren Lou ... Ya Gao
24 Nov 2022
RETRACTED: Research on environmental landscape design based on virtual reality technology and deep learning
Tao Zhang
Microprocessors and Microsystems | VOL. 81
Tao ZhangTao Zhang
29 Dec 2020
View more papers

More From: Computer Optics

Paper Title
Journal
Date
Author
Insight into plasmonics: resurrection of modern-day science (invited)
... M.A Butt
Computer Optics | VOL. 48
, et. al. ... M.A Butt
01 Feb 2024
Focusing of linearly polarized optical vortex and a Hall effect
V.V Kotlyar ... A.G Nalimov
Computer Optics | VOL. 48
V.V Kotlyar, et. al.V.V Kotlyar ... A.G Nalimov
01 Feb 2024
An approach to dynamic visualization of heterogeneous geospatial vector images
A.V Vorobev ... G.R Vorobeva
Computer Optics | VOL. 48
A.V Vorobev, et. al.A.V Vorobev ... G.R Vorobeva
01 Feb 2024
Intelligent methods for natural data analysis: application to space weather
O.V Mandrikova
Computer Optics | VOL. 48
O.V MandrikovaO.V Mandrikova
01 Feb 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.