Long Dai, Jiarong Mao, Liao Xu, Xuefeng Fan, Xiaoyi Zhou
{"title":"平衡NLP模型水印的鲁棒性和隐蔽性:一种多任务学习方法","authors":"Long Dai, Jiarong Mao, Liao Xu, Xuefeng Fan, Xiaoyi Zhou","doi":"10.1109/ISCC58397.2023.10218209","DOIUrl":null,"url":null,"abstract":"The popularity of ChatGPT demonstrates the immense commercial value of natural language processing (NLP) technology. However, NLP models are vulnerable to piracy and redistribution, which harms the economic interests of model owners. Existing NLP model watermarking schemes struggle to balance robustness and covertness. Robust watermarking require embedding more information, which compromises their covertness; conversely, covert watermarking are challenging to embed more information, which affects their robustness. This paper proposes an NLP model watermarking framework that uses multi-task learning to address the conflict between robustness and covertness in existing schemes. Specifically, a covert trigger set is established to implement remote verification of the watermark model, and a covert auxiliary network is designed to enhance the watermark model's robustness. The proposed watermarking framework is evaluated on two benchmark datasets and three mainstream NLP models. The experiments validate the frame-work's excellent covertness, robustness, and low false positive rate.","PeriodicalId":265337,"journal":{"name":"2023 IEEE Symposium on Computers and Communications (ISCC)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Balancing Robustness and Covertness in NLP Model Watermarking: A Multi-Task Learning Approach\",\"authors\":\"Long Dai, Jiarong Mao, Liao Xu, Xuefeng Fan, Xiaoyi Zhou\",\"doi\":\"10.1109/ISCC58397.2023.10218209\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The popularity of ChatGPT demonstrates the immense commercial value of natural language processing (NLP) technology. However, NLP models are vulnerable to piracy and redistribution, which harms the economic interests of model owners. Existing NLP model watermarking schemes struggle to balance robustness and covertness. Robust watermarking require embedding more information, which compromises their covertness; conversely, covert watermarking are challenging to embed more information, which affects their robustness. This paper proposes an NLP model watermarking framework that uses multi-task learning to address the conflict between robustness and covertness in existing schemes. Specifically, a covert trigger set is established to implement remote verification of the watermark model, and a covert auxiliary network is designed to enhance the watermark model's robustness. The proposed watermarking framework is evaluated on two benchmark datasets and three mainstream NLP models. The experiments validate the frame-work's excellent covertness, robustness, and low false positive rate.\",\"PeriodicalId\":265337,\"journal\":{\"name\":\"2023 IEEE Symposium on Computers and Communications (ISCC)\",\"volume\":\"21 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE Symposium on Computers and Communications (ISCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC58397.2023.10218209\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC58397.2023.10218209","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Balancing Robustness and Covertness in NLP Model Watermarking: A Multi-Task Learning Approach
The popularity of ChatGPT demonstrates the immense commercial value of natural language processing (NLP) technology. However, NLP models are vulnerable to piracy and redistribution, which harms the economic interests of model owners. Existing NLP model watermarking schemes struggle to balance robustness and covertness. Robust watermarking require embedding more information, which compromises their covertness; conversely, covert watermarking are challenging to embed more information, which affects their robustness. This paper proposes an NLP model watermarking framework that uses multi-task learning to address the conflict between robustness and covertness in existing schemes. Specifically, a covert trigger set is established to implement remote verification of the watermark model, and a covert auxiliary network is designed to enhance the watermark model's robustness. The proposed watermarking framework is evaluated on two benchmark datasets and three mainstream NLP models. The experiments validate the frame-work's excellent covertness, robustness, and low false positive rate.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
