A Secure Fingerprinting Framework for Distributed Image Classification
Autor: | Xu, Guowen, Han, Xingshuo, Zhang, Anguo, Zhang, Tianwei |
---|---|
Rok vydání: | 2022 |
Předmět: | |
Druh dokumentu: | Working Paper |
Popis: | The deep learning (DL) technology has been widely used for image classification in many scenarios, e.g., face recognition and suspect tracking. Such a highly commercialized application has given rise to intellectual property protection of its DL model. To combat that, the mainstream method is to embed a unique watermark into the target model during the training process. However, existing efforts focus on detecting copyright infringement for a given model, while rarely consider the problem of traitors tracking. Moreover, the watermark embedding process can incur privacy issues for the training data in a distributed manner. In this paper, we propose SECUREMARK-DL, a novel fingerprinting framework to address the above two problems in a distributed learning environment. It embeds a unique fingerprint into the target model for each customer, which can be extracted and verified from any suspicious model once a dispute arises. In addition, it adopts a new privacy partitioning technique in the training process to protect the training data privacy. Extensive experiments demonstrate the robustness of SECUREMARK-DL against various attacks, and its high classification accuracy (> 95%) even if a long-bit (304-bit) fingerprint is embedded into an input image. Comment: need new formal analysis |
Databáze: | arXiv |
Externí odkaz: |