Related papers: A Recipe for Watermarking Diffusion Models

A Recipe for Watermarking Diffusion Models

URL: http://arxiv.org/abs/2303.10137v2
Date: Sun, 15 Oct 2023 10:04:38 GMT
Title: A Recipe for Watermarking Diffusion Models
Authors: Yunqing Zhao, Tianyu Pang, Chao Du, Xiao Yang, Ngai-Man Cheung, Min Lin
Abstract summary: Diffusion models (DMs) have demonstrated advantageous potential on generative tasks. Widespread interest exists in incorporating DMs into downstream applications, such as producing or editing photorealistic images. However, practical deployment and unprecedented power of DMs raise legal issues, including copyright protection and monitoring of generated content. Watermarking has been a proven solution for copyright protection and content monitoring, but it is underexplored in the DMs literature.
Score: 53.456012264767914
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Diffusion models (DMs) have demonstrated advantageous potential on generative tasks. Widespread interest exists in incorporating DMs into downstream applications, such as producing or editing photorealistic images. However, practical deployment and unprecedented power of DMs raise legal issues, including copyright protection and monitoring of generated content. In this regard, watermarking has been a proven solution for copyright protection and content monitoring, but it is underexplored in the DMs literature. Specifically, DMs generate samples from longer tracks and may have newly designed multimodal structures, necessitating the modification of conventional watermarking pipelines. To this end, we conduct comprehensive analyses and derive a recipe for efficiently watermarking state-of-the-art DMs (e.g., Stable Diffusion), via training from scratch or finetuning. Our recipe is straightforward but involves empirically ablated implementation details, providing a foundation for future research on watermarking DMs. The code is available at https://github.com/yunqing-me/WatermarkDM.

Related papers

AquaLoRA: Toward White-box Protection for Customized Stable Diffusion Models via Watermark LoRA [67.68750063537482]
Diffusion models have achieved remarkable success in generating high-quality images. Recent works aim to let SD models output watermarked content for post-hoc forensics. We propose textttmethod as the first implementation under this scenario.
arXiv Detail & Related papers (2024-05-18T01:25:47Z)
Watermark-embedded Adversarial Examples for Copyright Protection against Diffusion Models [10.993094140231667]
There are concerns that Diffusion Models could be used to imitate unauthorized creations and thus raise copyright issues. We propose a novel framework that embeds personal watermarks in the generation of adversarial examples. This work provides a simple yet powerful way to protect copyright from DM-based imitation.
arXiv Detail & Related papers (2024-04-15T01:27:07Z)
The Stronger the Diffusion Model, the Easier the Backdoor: Data Poisoning to Induce Copyright Breaches Without Adjusting Finetuning Pipeline [30.80691226540351]
We formalized the Copyright Infringement Attack on generative AI models and proposed a backdoor attack method, SilentBadDiffusion. Our method strategically embeds connections between pieces of copyrighted information and text references in poisoning data. Our experiments show the stealth and efficacy of the poisoning data.
arXiv Detail & Related papers (2024-01-07T08:37:29Z)
Unbiased Watermark for Large Language Models [67.43415395591221]
This study examines how significantly watermarks impact the quality of model-generated outputs. It is possible to integrate watermarks without affecting the output probability distribution. The presence of watermarks does not compromise the performance of the model in downstream tasks.
arXiv Detail & Related papers (2023-09-22T12:46:38Z)
Towards Robust Model Watermark via Reducing Parametric Vulnerability [57.66709830576457]
backdoor-based ownership verification becomes popular recently, in which the model owner can watermark the model. We propose a mini-max formulation to find these watermark-removed models and recover their watermark behavior. Our method improves the robustness of the model watermarking against parametric changes and numerous watermark-removal attacks.
arXiv Detail & Related papers (2023-09-09T12:46:08Z)
VillanDiffusion: A Unified Backdoor Attack Framework for Diffusion Models [69.20464255450788]
Diffusion Models (DMs) are state-of-the-art generative models that learn a reversible corruption process from iterative noise addition and denoising. Recent studies have shown that basic unconditional DMs are vulnerable to backdoor injection. This paper presents a unified backdoor attack framework to expand the current scope of backdoor analysis for DMs.
arXiv Detail & Related papers (2023-06-12T05:14:13Z)
DiffusionShield: A Watermark for Copyright Protection against Generative Diffusion Models [41.81697529657049]
We introduce a novel watermarking scheme, DiffusionShield, tailored for Generative Diffusion Models (GDMs) DiffusionShield protects images from copyright infringement by GDMs through encoding the ownership information into an imperceptible watermark and injecting it into the images. Benefiting from the uniformity of the watermarks and the joint optimization method, DiffusionShield ensures low distortion of the original image.
arXiv Detail & Related papers (2023-05-25T11:59:28Z)
Adversarial Example Does Good: Preventing Painting Imitation from Diffusion Models via Adversarial Examples [32.701307512642835]
Diffusion Models (DMs) boost a wave in AI for Art yet raise new copyright concerns. In this paper, we propose to utilize adversarial examples for DMs to protect human-created artworks. Our method can be a powerful tool for human artists to protect their copyright against infringers equipped with DM-based AI-for-Art applications.
arXiv Detail & Related papers (2023-02-09T11:36:39Z)
Exploring Structure Consistency for Deep Model Watermarking [122.38456787761497]
The intellectual property (IP) of Deep neural networks (DNNs) can be easily stolen'' by surrogate model attack. We propose a new watermarking methodology, namely structure consistency'', based on which a new deep structure-aligned model watermarking algorithm is designed.
arXiv Detail & Related papers (2021-08-05T04:27:15Z)

This list is automatically generated from the titles and abstracts of the papers in this site.