Search Results for author:
Found 14 papers, 0 papers with code
Turn Passive to Active: A Survey on Active Intellectual Property Protection of Deep Learning Models
In this review, we attempt to clearly elaborate on the connotation, attributes, and requirements of active DNN copyright protection, provide evaluation methods and metrics for active copyright protection, review and analyze existing work on active DL model intellectual property protection, discuss potential attacks that active DL model copyright protection techniques may face, and provide challenges and future directions for active DL model intellectual property protection.
InFIP: An Explainable DNN Intellectual Property Protection Method based on Intrinsic Features
Since the intrinsic feature is composed of unique interpretation of the model's decision, the intrinsic feature can be regarded as fingerprint of the model.
Deep learning based sferics recognition for AMT data processing in the dead band
The subsequent processing results show that our method can significantly improve S/N and effectively solve the problem of lack of energy in dead band.
Imperceptible and Multi-channel Backdoor Attack against Deep Neural Networks
Recent researches demonstrate that Deep Neural Networks (DNN) models are vulnerable to backdoor attacks.
Compression-Resistant Backdoor Attack against Deep Neural Networks
After training, the backdoor attack against DNN is robust to image compression.
Detect and remove watermark in deep neural networks via generative adversarial networks
Experimental evaluations on the MNIST and CIFAR10 datasets demonstrate that, the proposed method can effectively remove about 98% of the watermark in DNN models, as the watermark retention rate reduces from 100% to less than 2% after applying the proposed attack.
Detecting Backdoor in Deep Neural Networks via Intentional Adversarial Perturbations
Experimental results show that, the backdoor detection rate of the proposed defense method is 99. 63%, 99. 76% and 99. 91% on Fashion-MNIST, CIFAR-10 and GTSRB datasets, respectively.
AdvParams: An Active DNN Intellectual Property Protection Technique via Adversarial Perturbation Based Parameter Encryption
Moreover, the proposed method only needs to encrypt an extremely low number of parameters, and the proportion of the encrypted parameters of all the model's parameters is as low as 0. 000205%.
Protecting the Intellectual Properties of Deep Neural Networks with an Additional Class and Steganographic Images
To address these challenges, in this paper, we propose a method to protect the intellectual properties of DNN models by using an additional class and steganographic images.
Robust Backdoor Attacks against Deep Neural Networks in Real Physical World
In this paper, we propose a robust physical backdoor attack method, PTB (physical transformations for backdoors), to implement the backdoor attacks against deep learning models in the real physical world.
ActiveGuard: An Active DNN IP Protection Technique via Adversarial Examples
For ownership verification, the embedded watermark can be successfully extracted, while the normal performance of the DNN model will not be affected.
3D Invisible Cloak
on person stealth attacks, and propose 3D transformations to generate 3D invisible cloak.
SocialGuard: An Adversarial Example Based Privacy-Preserving Technique for Social Images
After being injected with the perturbation, the social image can easily fool the object detector, while its visual quality will not be degraded.
NaturalAE: Natural and Robust Physical Adversarial Examples for Object Detectors
Experimental results demonstrate that, the generated adversarial examples are robust under various indoor and outdoor physical conditions, including different distances, angles, illuminations, and photographing.
