Los puntos clave no están disponibles para este artículo en este momento.
This paper proposes a watermarking method that can be used for the copyright protection of DNN models, utilizing learnable block-wise image transformation techniques and a secret key to embed a watermark. A black-box watermarking approach is used, which does not require a specific predefined training or trigger set, allowing for the remote verification of model ownership. As a result, this method can achieve copyright protection using authentication methods for DNN models. Results of experiments on established datasets 1, 2 indicate that the original watermark is not easily overwritten by pirated watermarks. Moreover, its performance in pruning attack experiments is similar to that observed in the studies cited above. However, our approach demonstrates stronger robustness against fine-tuning attacks, while also achieving higher image classification accuracy.
He et al. (Sat,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: