Fragile Model Watermark for integrity protection: leveraging boundary volatility and sensitive sample-pairing

no code implementations • 11 Apr 2024 • Zhenzhe Gao, Zhenjun Tang, Zhaoxia Yin, Baoyuan Wu, Yue Lu

Neural networks have increasingly influenced people's lives.

Adaptive White-Box Watermarking with Self-Mutual Check Parameters in Deep Neural Networks

no code implementations • 22 Aug 2023 • Zhenzhe Gao, Zhaoxia Yin, Hongjian Zhan, Heng Yin, Yue Lu

Fragile watermarking is a technique used to identify tampering in AI models.

Decision-based iterative fragile watermarking for model integrity verification

no code implementations • 13 May 2023 • Zhaoxia Yin, Heng Yin, Hang Su, Xinpeng Zhang, Zhenzhe Gao

Our method has some advantages: (1) the iterative update of samples is done in a decision-based black-box manner, relying solely on the predicted probability distribution of the target model, which reduces the risk of exposure to adversarial attacks, (2) the small-amplitude multiple iterations approach allows the fragile samples to perform well visually, with a PSNR of 55 dB in TinyImageNet compared to the original samples, (3) even with changes in the overall parameters of the model of magnitude 1e-4, the fragile samples can detect such changes, and (4) the method is independent of the specific model structure and dataset.