Abstract
As the demand for shared pre-trained deep neural network models continues to rise, safeguarding the intellectual property of models is also increasingly significant. While existing studies predominantly concentrate on protecting pre-trained image recognition models, limited research covers pre-trained speech recognition models. In this paper, we propose the black-box watermark method to authenticate the ownership of speech recognition models. This method can mitigate the risk of unauthorized AI services being created by attackers who gain access to the pre-trained model. Accordingly, we present three watermarking methods: Gaussian noise watermark, extreme frequency Gaussian noise watermark, and unrelated audio watermark. These generated watermarks, embedded into models through training or fine-tuning, exhibit remarkable fidelity and effectiveness, backed by rigorous experimental validation. Furthermore, our experiments reveal that the extreme frequency noise backdoor enhances the robustness of the watermark compared to the Gaussian noise and unrelated audio watermark.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
