Fingerprinting Image-to-Image Generative Adversarial Networks

• URL: http://arxiv.org/abs/2106.11760v5
• Date: Wed, 7 Aug 2024 05:28:30 GMT
• Title: Fingerprinting Image-to-Image Generative Adversarial Networks
• Authors: Guanlin Li, Guowen Xu, Han Qiu, Shangwei Guo, Run Wang, Jiwei Li, Tianwei Zhang, Rongxing Lu,
• Abstract summary: Generative Adversarial Networks (GANs) have been widely used in various application scenarios. This paper presents a novel fingerprinting scheme for the Intellectual Property protection of image-to-image GANs based on a trusted third party.
• Score: 53.02510603622128
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Generative Adversarial Networks (GANs) have been widely used in various application scenarios. Since the production of a commercial GAN requires substantial computational and human resources, the copyright protection of GANs is urgently needed. This paper presents a novel fingerprinting scheme for the Intellectual Property (IP) protection of image-to-image GANs based on a trusted third party. We break through the stealthiness and robustness bottlenecks suffered by previous fingerprinting methods for classification models being naively transferred to GANs. Specifically, we innovatively construct a composite deep learning model from the target GAN and a classifier. Then we generate fingerprint samples from this composite model, and embed them in the classifier for effective ownership verification. This scheme inspires some concrete methodologies to practically protect the modern image-to-image translation GANs. Theoretical analysis proves that these methods can satisfy different security requirements necessary for IP protection. We also conduct extensive experiments to show that our solutions outperform existing strategies.

Related papers

• MFCLIP: Multi-modal Fine-grained CLIP for Generalizable Diffusion Face Forgery Detection [64.29452783056253]
  The rapid development of photo-realistic face generation methods has raised significant concerns in society and academia. Although existing approaches mainly capture face forgery patterns using image modality, other modalities like fine-grained noises and texts are not fully explored. We propose a novel multi-modal fine-grained CLIP (MFCLIP) model, which mines comprehensive and fine-grained forgery traces across image-noise modalities.
  arXiv  Detail & Related papers  (2024-09-15T13:08:59Z)
• Adversarial Robustification via Text-to-Image Diffusion Models [56.37291240867549]
  Adrial robustness has been conventionally believed as a challenging property to encode for neural networks. We develop a scalable and model-agnostic solution to achieve adversarial robustness without using any data.
  arXiv  Detail & Related papers  (2024-07-26T10:49:14Z)
• MirrorCheck: Efficient Adversarial Defense for Vision-Language Models [55.73581212134293]
  We propose a novel, yet elegantly simple approach for detecting adversarial samples in Vision-Language Models. Our method leverages Text-to-Image (T2I) models to generate images based on captions produced by target VLMs. Empirical evaluations conducted on different datasets validate the efficacy of our approach.
  arXiv  Detail & Related papers  (2024-06-13T15:55:04Z)
• Protect-Your-IP: Scalable Source-Tracing and Attribution against Personalized Generation [19.250673262185767]
  We propose a unified approach for image copyright source-tracing and attribution. We introduce an innovative watermarking-attribution method that blends proactive and passive strategies. We have conducted experiments using various celebrity portrait series sourced online.
  arXiv  Detail & Related papers  (2024-05-26T15:14:54Z)
• ModelShield: Adaptive and Robust Watermark against Model Extraction Attack [58.46326901858431]
  Large language models (LLMs) demonstrate general intelligence across a variety of machine learning tasks. adversaries can still utilize model extraction attacks to steal the model intelligence encoded in model generation. Watermarking technology offers a promising solution for defending against such attacks by embedding unique identifiers into the model-generated content.
  arXiv  Detail & Related papers  (2024-05-03T06:41:48Z)
• Robust Retraining-free GAN Fingerprinting via Personalized Normalization [21.63902009635896]
  The proposed method can embed different fingerprints inside the GAN by just changing the input of the ParamGen Nets. The performance of the proposed method in terms of robustness against both model-level and image-level attacks is superior to the state-of-the-art.
  arXiv  Detail & Related papers  (2023-11-09T16:09:12Z)
• Copyright Protection and Accountability of Generative AI:Attack, Watermarking and Attribution [7.0159295162418385]
  We propose an evaluation framework to provide a comprehensive overview of the current state of the copyright protection measures for GANs. Our findings indicate that the current intellectual property protection methods for input images, model watermarking, and attribution networks are largely satisfactory for a wide range of GANs.
  arXiv  Detail & Related papers  (2023-03-15T06:40:57Z)
• Self-supervised GAN Detector [10.963740942220168]
  generative models can be abused with malicious purposes, such as fraud, defamation, and fake news. We propose a novel framework to distinguish the unseen generated images outside of the training settings. Our proposed method is composed of the artificial fingerprint generator reconstructing the high-quality artificial fingerprints of GAN images.
  arXiv  Detail & Related papers  (2021-11-12T06:19:04Z)
• Exploring Structure Consistency for Deep Model Watermarking [122.38456787761497]
  The intellectual property (IP) of Deep neural networks (DNNs) can be easily stolen'' by surrogate model attack. We propose a new watermarking methodology, namely structure consistency'', based on which a new deep structure-aligned model watermarking algorithm is designed.
  arXiv  Detail & Related papers  (2021-08-05T04:27:15Z)
• Protecting Intellectual Property of Generative Adversarial Networks from Ambiguity Attack [26.937702447957193]
  Generative Adrial Networks (GANs) which has been widely used to create photorealistic image are totally unprotected. This paper presents a complete protection framework in both black-box and white-box settings to enforce Intellectual Property Right (IPR) protection on GANs.
  arXiv  Detail & Related papers  (2021-02-08T17:12:20Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.