Responsible Disclosure of Generative Models Using Scalable
Fingerprinting
- URL: http://arxiv.org/abs/2012.08726v4
- Date: Tue, 30 Mar 2021 23:51:15 GMT
- Title: Responsible Disclosure of Generative Models Using Scalable
Fingerprinting
- Authors: Ning Yu, Vladislav Skripniuk, Dingfan Chen, Larry Davis, Mario Fritz
- Abstract summary: Deep generative models have achieved a qualitatively new level of performance.
There are concerns on how this technology can be misused to spoof sensors, generate deep fakes, and enable misinformation at scale.
Our work enables a responsible disclosure of such state-of-the-art generative models, that allows researchers and companies to fingerprint their models.
- Score: 70.81987741132451
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Over the past six years, deep generative models have achieved a qualitatively
new level of performance. Generated data has become difficult, if not
impossible, to be distinguished from real data. While there are plenty of use
cases that benefit from this technology, there are also strong concerns on how
this new technology can be misused to spoof sensors, generate deep fakes, and
enable misinformation at scale. Unfortunately, current deep fake detection
methods are not sustainable, as the gap between real and fake continues to
close. In contrast, our work enables a responsible disclosure of such
state-of-the-art generative models, that allows researchers and companies to
fingerprint their models, so that the generated samples containing a
fingerprint can be accurately detected and attributed to a source. Our
technique achieves this by an efficient and scalable ad-hoc generation of a
large population of models with distinct fingerprints. Our recommended
operation point uses a 128-bit fingerprint which in principle results in more
than $10^{36}$ identifiable models. Experiments show that our method fulfills
key properties of a fingerprinting mechanism and achieves effectiveness in deep
fake detection and attribution.
Related papers
- Scalable Fingerprinting of Large Language Models [46.26999419117367]
We introduce a new method, dubbed Perinucleus sampling, to generate scalable, persistent, and harmless fingerprints.
We demonstrate that this scheme can add 24,576 fingerprints to a Llama-3.1-8B model without degrading the model's utility.
arXiv Detail & Related papers (2025-02-11T18:43:07Z) - Sample Correlation for Fingerprinting Deep Face Recognition [83.53005932513156]
We propose a novel model stealing detection method based on SA Corremplelation (SAC)
SAC successfully defends against various model stealing attacks in deep face recognition, encompassing face verification and face emotion recognition, exhibiting the highest performance in terms of AUC, p-value and F1 score.
We extend our evaluation of SAC-JC to object recognition including Tiny-ImageNet and CIFAR10, which also demonstrates the superior performance of SAC-JC to previous methods.
arXiv Detail & Related papers (2024-12-30T07:37:06Z) - ManiFPT: Defining and Analyzing Fingerprints of Generative Models [16.710998621718193]
We formalize the definition of artifact and fingerprint in generative models.
We propose an algorithm for computing them in practice.
We study the structure of the fingerprints and observe that it is very predictive of the effect of different design choices on the generative process.
arXiv Detail & Related papers (2024-02-16T01:58:35Z) - SpoofGAN: Synthetic Fingerprint Spoof Images [47.87570819350573]
A major limitation to advances in fingerprint spoof detection is the lack of publicly available, large-scale fingerprint spoof datasets.
This work aims to demonstrate the utility of synthetic (both live and spoof) fingerprints in supplying these algorithms with sufficient data.
arXiv Detail & Related papers (2022-04-13T16:27:27Z) - A high performance fingerprint liveness detection method based on
quality related features [66.41574316136379]
The system is tested on a highly challenging database comprising over 10,500 real and fake images.
The proposed solution proves to be robust to the multi-scenario dataset, and presents an overall rate of 90% correctly classified samples.
arXiv Detail & Related papers (2021-11-02T21:09:39Z) - Artificial Fingerprinting for Generative Models: Rooting Deepfake
Attribution in Training Data [64.65952078807086]
Photorealistic image generation has reached a new level of quality due to the breakthroughs of generative adversarial networks (GANs)
Yet, the dark side of such deepfakes, the malicious use of generated media, raises concerns about visual misinformation.
We seek a proactive and sustainable solution on deepfake detection by introducing artificial fingerprints into the models.
arXiv Detail & Related papers (2020-07-16T16:49:55Z) - SynFi: Automatic Synthetic Fingerprint Generation [23.334625222079634]
We introduce a new approach to automatically generate high-fidelity synthetic fingerprints at scale.
We show that our methodology is the first to generate fingerprints that are computationally indistinguishable from real ones.
arXiv Detail & Related papers (2020-02-16T07:45:29Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.