What question did this study set out to answer?

This research aims to enhance the traceability of diffusion and diffusion steganography models through a novel method without compromising content quality.

May 8, 2026

Multi-layer traceability of diffusion and diffusion-stego models based on zero-watermarking and Swin transformer-PCA

Key Points

This research aims to enhance the traceability of diffusion and diffusion steganography models through a novel method without compromising content quality.
Developed a multi-layer traceability method utilizing zero-watermarking and Swin Transformer-PCA for feature extraction.
Extracted features from noise images during the diffusion process to facilitate copyright tracing of generated content and secret data.
Evaluated the robustness and visual quality of the proposed method against various attacks.
Achieved an average Peak Signal-to-Noise Ratio of 43.13 dB, indicating high visual quality.
Normalized Cross-Correlation (NCC) reached up to 0.96 under various attack scenarios, demonstrating strong resilience.
The method showcased no necessary modifications to models or generated content, maintaining accuracy and quality.

Abstract

Abstract With the rapid development of AI-Generative Content (AIGC), various diffusion and diffusion steganography models have been rising recently. However, existing diffusion and diffusion steganography models mainly focused on generating content and hiding secret data, ignoring copyright protection and traceability of generated content, secret data, and models. Model watermarking served as an active defense mechanism in traceability has been widely concerned. However, existing model watermarking primarily fine-tunes diffusion models, which not only requires additional training but also degrades the quality of generated content. To address these issues, based on zero-watermarking and Swin Transformer-Principal Component Analysis (PCA), this paper proposes a multi-layer traceability method for diffusion and diffusion steganography models, without requiring extra modifications and training, making it simple and efficient. We first propose Swin Transformer-PCA to extract features of the noise images generated during the diffusion process, significantly reducing the dimensionality of feature vectors while retaining the most important features and enhancing the feature robustness. Then we combine the extracted features with the model’s copyright to create a zero-watermark for model traceability. According to the different protection targets, we extract features of generated content or secret data separately, then combine them with the image copyright or secret data copyright to create zero-watermarks, achieving multi-layer traceability. Experimental results demonstrate that the proposed multi-layer traceability method exhibits strong robustness and high visual quality, resisting various attacks, with an average Peak Signal-to-Noise Ratio of 43.13 dB and Normalized Cross-Correlation (NCC) of up to 0.96 under various attacks. Moreover, our scheme achieves zero modifications on both model and generated content, ensuring high accuracy of the model and high quality of the generated content.

Bookmark

Multi-layer traceability of diffusion and diffusion-stego models based on zero-watermarking and Swin transformer-PCA

Key Points

Abstract

Cite This Study