Watermark Faker: Towards Forgery of Digital Image Watermarking

• URL: http://arxiv.org/abs/2103.12489v1
• Date: Tue, 23 Mar 2021 12:28:00 GMT
• Title: Watermark Faker: Towards Forgery of Digital Image Watermarking
• Authors: Ruowei Wang, Chenguo Lin, Qijun Zhao, Feiyu Zhu
• Abstract summary: We make the first attempt to develop digital image watermark fakers by using generative adversarial learning. Our experiments show that the proposed watermark faker can effectively crack digital image watermarkers in both spatial and frequency domains.
• Score: 10.14145437847397
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Digital watermarking has been widely used to protect the copyright and integrity of multimedia data. Previous studies mainly focus on designing watermarking techniques that are robust to attacks of destroying the embedded watermarks. However, the emerging deep learning based image generation technology raises new open issues that whether it is possible to generate fake watermarked images for circumvention. In this paper, we make the first attempt to develop digital image watermark fakers by using generative adversarial learning. Suppose that a set of paired images of original and watermarked images generated by the targeted watermarker are available, we use them to train a watermark faker with U-Net as the backbone, whose input is an original image, and after a domain-specific preprocessing, it outputs a fake watermarked image. Our experiments show that the proposed watermark faker can effectively crack digital image watermarkers in both spatial and frequency domains, suggesting the risk of such forgery attacks.

Related papers

• An undetectable watermark for generative image models [65.31658824274894]
  We present the first undetectable watermarking scheme for generative image models. In particular, an undetectable watermark does not degrade image quality under any efficiently computable metric. Our scheme works by selecting the initial latents of a diffusion model using a pseudorandom error-correcting code.
  arXiv  Detail & Related papers  (2024-10-09T18:33:06Z)
• Certifiably Robust Image Watermark [57.546016845801134]
  Generative AI raises many societal concerns such as boosting disinformation and propaganda campaigns. Watermarking AI-generated content is a key technology to address these concerns. We propose the first image watermarks with certified robustness guarantees against removal and forgery attacks.
  arXiv  Detail & Related papers  (2024-07-04T17:56:04Z)
• Steganalysis on Digital Watermarking: Is Your Defense Truly Impervious? [21.06493827123594]
  steganalysis attacks can extract and remove the watermark with minimal perceptual distortion. We show how averaging a collection of watermarked images could reveal the underlying watermark pattern. We propose security guidelines calling for using content-adaptive watermarking strategies and performing security evaluation against steganalysis.
  arXiv  Detail & Related papers  (2024-06-13T12:01:28Z)
• On the Learnability of Watermarks for Language Models [80.97358663708592]
  We ask whether language models can directly learn to generate watermarked text. We propose watermark distillation, which trains a student model to behave like a teacher model. We find that models can learn to generate watermarked text with high detectability.
  arXiv  Detail & Related papers  (2023-12-07T17:41:44Z)
• Invisible Image Watermarks Are Provably Removable Using Generative AI [47.25747266531665]
  Invisible watermarks safeguard images' copyrights by embedding hidden messages only detectable by owners. We propose a family of regeneration attacks to remove these invisible watermarks. The proposed attack method first adds random noise to an image to destroy the watermark and then reconstructs the image.
  arXiv  Detail & Related papers  (2023-06-02T23:29:28Z)
• Convolutional Neural Network-Based Image Watermarking using Discrete Wavelet Transform [5.1779694507922835]
  This paper proposes a combination of convolutional neural networks (CNNs) and wavelet transforms to obtain a watermarking network. The network is independent of the host image resolution, can accept all kinds of watermarks, and has only 11 CNN layers while keeping performance.
  arXiv  Detail & Related papers  (2022-10-08T22:54:46Z)
• Certified Neural Network Watermarks with Randomized Smoothing [64.86178395240469]
  We propose a certifiable watermarking method for deep learning models. We show that our watermark is guaranteed to be unremovable unless the model parameters are changed by more than a certain l2 threshold. Our watermark is also empirically more robust compared to previous watermarking methods.
  arXiv  Detail & Related papers  (2022-07-16T16:06:59Z)
• A Robust Document Image Watermarking Scheme using Deep Neural Network [10.938878993948517]
  This paper proposes an end-to-end document image watermarking scheme using the deep neural network. Specifically, an encoder and a decoder are designed to embed and extract the watermark. A text-sensitive loss function is designed to limit the embedding modification on characters.
  arXiv  Detail & Related papers  (2022-02-26T05:28:52Z)
• Watermarking Images in Self-Supervised Latent Spaces [75.99287942537138]
  We revisit watermarking techniques based on pre-trained deep networks, in the light of self-supervised approaches. We present a way to embed both marks and binary messages into their latent spaces, leveraging data augmentation at marking time.
  arXiv  Detail & Related papers  (2021-12-17T15:52:46Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.