TY - GEN
T1 - Watermarking Image Processing Models for Intellectual Property Protection
AU - Du, Yuxuan
AU - He, Xuanyu
AU - Ma, Haixuan
AU - Lei, Haoyun
AU - Yang, Zhiheng
AU - Tang, Linlin
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2026.
PY - 2026
Y1 - 2026
N2 - Deep learning has been successful in various computer vision tasks. However, training deep models is computationally expensive and requires significant high-quality data, making a good pre-trained model highly valuable. However, there is a growing concern about the security of pre-trained deep models. When these models are shared or deployed widely, they become exposed to the risk of illegal theft. This raises concerns about how to protect the intellectual property (IP) of model owners. One solution is to use deep model watermarking. Most recent research has focused on protecting classification networks. However, image processing models are still under-researched, and existing methods lack generality. This paper presents a novel model watermarking method to protect image processing models that also supports black-box verification. We watermark the target model by training it on watermarked training data. The watermarked model learns to embed the watermark into its output images, which can be extracted to realize copyright protection. Our method has been extensively tested, and the results demonstrate its fidelity, uniqueness, and robustness.
AB - Deep learning has been successful in various computer vision tasks. However, training deep models is computationally expensive and requires significant high-quality data, making a good pre-trained model highly valuable. However, there is a growing concern about the security of pre-trained deep models. When these models are shared or deployed widely, they become exposed to the risk of illegal theft. This raises concerns about how to protect the intellectual property (IP) of model owners. One solution is to use deep model watermarking. Most recent research has focused on protecting classification networks. However, image processing models are still under-researched, and existing methods lack generality. This paper presents a novel model watermarking method to protect image processing models that also supports black-box verification. We watermark the target model by training it on watermarked training data. The watermarked model learns to embed the watermark into its output images, which can be extracted to realize copyright protection. Our method has been extensively tested, and the results demonstrate its fidelity, uniqueness, and robustness.
KW - Blackbox watermarking
KW - DNN watermarking
KW - Intellectual property protection
KW - Model watermarking
KW - Multi-bit watermarking
UR - https://www.scopus.com/pages/publications/105020769059
U2 - 10.1007/978-981-96-7277-6_8
DO - 10.1007/978-981-96-7277-6_8
M3 - 会议稿件
AN - SCOPUS:105020769059
SN - 9789819672769
T3 - Smart Innovation, Systems and Technologies
SP - 87
EP - 97
BT - Advances in Intelligent Data Analysis and Applications - Proceedings of the 8th Euro–China Conference on Intelligent Data Analysis and Applications, 2024
A2 - Chu, Shu-Chuan
A2 - Chen, Chien-Ming
A2 - Pan, Jeng-Shyang
A2 - Kong, Lingping
PB - Springer Science and Business Media Deutschland GmbH
T2 - 8th Euro-China Conference on Intelligent Data Analysis and Applications, ECC 2024
Y2 - 7 December 2024 through 9 December 2024
ER -