A Somewhat Robust Image Watermark against Diffusion-based Editing Models

• URL: http://arxiv.org/abs/2311.13713v2
• Date: Thu, 7 Dec 2023 19:17:11 GMT
• Title: A Somewhat Robust Image Watermark against Diffusion-based Editing Models
• Authors: Mingtian Tan, Tianhao Wang, Somesh Jha
• Abstract summary: Editing models based on diffusion models (DMs) have inadvertently introduced new challenges related to image copyright infringement and malicious editing. We develop a novel technique, RIW (Robust Invisible Watermarking), to embed invisible watermarks. Our technique ensures a high extraction accuracy of $96%$ for the invisible watermark after editing, compared to the $0%$ offered by conventional methods.
• Score: 25.034612051522167
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Recently, diffusion models (DMs) have become the state-of-the-art method for image synthesis. Editing models based on DMs, known for their high fidelity and precision, have inadvertently introduced new challenges related to image copyright infringement and malicious editing. Our work is the first to formalize and address this issue. After assessing and attempting to enhance traditional image watermarking techniques, we recognize their limitations in this emerging context. In response, we develop a novel technique, RIW (Robust Invisible Watermarking), to embed invisible watermarks leveraging adversarial example techniques. Our technique ensures a high extraction accuracy of $96\%$ for the invisible watermark after editing, compared to the $0\%$ offered by conventional methods. We provide access to our code at https://github.com/BennyTMT/RIW.

Related papers

• Conceptwm: A Diffusion Model Watermark for Concept Protection [23.64920988914223]
  Current watermarking schemes add watermarks to all images rather than applying them in a refined manner targeted at specific concepts. We introduce a novel concept-oriented watermarking framework that seamlessly embeds imperceptible watermarks into the concept of diffusion models.
  arXiv  Detail & Related papers  (2024-11-18T16:11:25Z)
• Robust Watermarking Using Generative Priors Against Image Editing: From Benchmarking to Advances [13.746887960091112]
  Large-scale text-to-image models can distort embedded watermarks during editing, posing challenges to copyright protection. We introduce W-Bench, the first comprehensive benchmark designed to evaluate the robustness of watermarking methods. We propose VINE, a watermarking method that significantly enhances robustness against various image editing techniques.
  arXiv  Detail & Related papers  (2024-10-24T14:28:32Z)
• JIGMARK: A Black-Box Approach for Enhancing Image Watermarks against Diffusion Model Edits [76.25962336540226]
  JIGMARK is a first-of-its-kind watermarking technique that enhances robustness through contrastive learning. Our evaluation reveals that JIGMARK significantly surpasses existing watermarking solutions in resilience to diffusion-model edits.
  arXiv  Detail & Related papers  (2024-06-06T03:31:41Z)
• FT-Shield: A Watermark Against Unauthorized Fine-tuning in Text-to-Image Diffusion Models [64.89896692649589]
  We propose FT-Shield, a watermarking solution tailored for the fine-tuning of text-to-image diffusion models. FT-Shield addresses copyright protection challenges by designing new watermark generation and detection strategies.
  arXiv  Detail & Related papers  (2023-10-03T19:50:08Z)
• Tree-Ring Watermarks: Fingerprints for Diffusion Images that are Invisible and Robust [55.91987293510401]
  Watermarking the outputs of generative models is a crucial technique for tracing copyright and preventing potential harm from AI-generated content. We introduce a novel technique called Tree-Ring Watermarking that robustly fingerprints diffusion model outputs. Our watermark is semantically hidden in the image space and is far more robust than watermarking alternatives that are currently deployed.
  arXiv  Detail & Related papers  (2023-05-31T17:00:31Z)
• Certified Neural Network Watermarks with Randomized Smoothing [64.86178395240469]
  We propose a certifiable watermarking method for deep learning models. We show that our watermark is guaranteed to be unremovable unless the model parameters are changed by more than a certain l2 threshold. Our watermark is also empirically more robust compared to previous watermarking methods.
  arXiv  Detail & Related papers  (2022-07-16T16:06:59Z)
• Watermarking Images in Self-Supervised Latent Spaces [75.99287942537138]
  We revisit watermarking techniques based on pre-trained deep networks, in the light of self-supervised approaches. We present a way to embed both marks and binary messages into their latent spaces, leveraging data augmentation at marking time.
  arXiv  Detail & Related papers  (2021-12-17T15:52:46Z)
• Piracy-Resistant DNN Watermarking by Block-Wise Image Transformation with Secret Key [15.483078145498085]
  The proposed method embeds a watermark pattern in a model by using learnable transformed images. It is piracy-resistant, so the original watermark cannot be overwritten by a pirated watermark. The results show that it was resilient against fine-tuning and pruning attacks while maintaining a high watermark-detection accuracy.
  arXiv  Detail & Related papers  (2021-04-09T08:21:53Z)
• Fine-tuning Is Not Enough: A Simple yet Effective Watermark Removal Attack for DNN Models [72.9364216776529]
  We propose a novel watermark removal attack from a different perspective. We design a simple yet powerful transformation algorithm by combining imperceptible pattern embedding and spatial-level transformations. Our attack can bypass state-of-the-art watermarking solutions with very high success rates.
  arXiv  Detail & Related papers  (2020-09-18T09:14:54Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.