{"title":"DNN水印:四个挑战和葬礼","authors":"M. Barni, F. Pérez-González, B. Tondi","doi":"10.1145/3437880.3460399","DOIUrl":null,"url":null,"abstract":"The demand for methods to protect the Intellectual Property Rights (IPR) associated to Deep Neural Networks (DNNs) is rising. Watermarking has been recently proposed as a way to protect the IPR of DNNs and track their usages. Although a number of techniques for media watermarking have been proposed and developed over the past decades, their direct translation to DNN watermarking faces the problem of the embedding being carried out on functionals instead of signals. This originates differences not only in the way performance, robustness and unobtrusiveness are measured, but also on the embedding domain, since there is the possibility of hiding information in the model behavior. In this paper, we discuss these dissimilarities that lead to a DNN-specific taxonomy of watermarking techniques. Then, we present four challenges specific to DNN watermarking that, for their practical importance and theoretical interest, should occupy the agenda of researchers in the next years. Finally, we discuss some bad practices that negatively affected research in media watermarking and that should not be repeated in the case of DNNs.","PeriodicalId":120300,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"DNN Watermarking: Four Challenges and a Funeral\",\"authors\":\"M. Barni, F. Pérez-González, B. Tondi\",\"doi\":\"10.1145/3437880.3460399\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The demand for methods to protect the Intellectual Property Rights (IPR) associated to Deep Neural Networks (DNNs) is rising. Watermarking has been recently proposed as a way to protect the IPR of DNNs and track their usages. Although a number of techniques for media watermarking have been proposed and developed over the past decades, their direct translation to DNN watermarking faces the problem of the embedding being carried out on functionals instead of signals. This originates differences not only in the way performance, robustness and unobtrusiveness are measured, but also on the embedding domain, since there is the possibility of hiding information in the model behavior. In this paper, we discuss these dissimilarities that lead to a DNN-specific taxonomy of watermarking techniques. Then, we present four challenges specific to DNN watermarking that, for their practical importance and theoretical interest, should occupy the agenda of researchers in the next years. Finally, we discuss some bad practices that negatively affected research in media watermarking and that should not be repeated in the case of DNNs.\",\"PeriodicalId\":120300,\"journal\":{\"name\":\"Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-06-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3437880.3460399\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3437880.3460399","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The demand for methods to protect the Intellectual Property Rights (IPR) associated to Deep Neural Networks (DNNs) is rising. Watermarking has been recently proposed as a way to protect the IPR of DNNs and track their usages. Although a number of techniques for media watermarking have been proposed and developed over the past decades, their direct translation to DNN watermarking faces the problem of the embedding being carried out on functionals instead of signals. This originates differences not only in the way performance, robustness and unobtrusiveness are measured, but also on the embedding domain, since there is the possibility of hiding information in the model behavior. In this paper, we discuss these dissimilarities that lead to a DNN-specific taxonomy of watermarking techniques. Then, we present four challenges specific to DNN watermarking that, for their practical importance and theoretical interest, should occupy the agenda of researchers in the next years. Finally, we discuss some bad practices that negatively affected research in media watermarking and that should not be repeated in the case of DNNs.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
