A dual-verification model watermarking scheme based on certification files

Computer Engineering & Science ›› 2024, Vol. 46 ›› Issue (04): 647-656.

• Computer Network and Znformation Security • Previous Articles Next Articles

A dual-verification model watermarking scheme based on certification files

WU Xia,ZHENG Hong-ying,XIAO Di

(College of Computer Science,Chongqing University,Chongqing 401331,China)

Received:2023-11-14 Revised:2023-12-29 Accepted:2024-04-25 Online:2024-04-25 Published:2024-04-18

Abstract

Abstract: With the integration of edge computing frameworks and federated learning protocols, an increasing number of copyright protection methods for deep learning models have been proposed. However, solely verifying ownership from the senders perspective does not provide assistance to the receiver. Numerous studies have indicated that in client-edge-cloud federated learning systems, malicious users attempt to gain access to public models without contributing or even poison the public models. Therefore, it is necessary to provide a model ownership verification scheme for the receiver. Building upon existing neural network watermarking schemes, this paper proposes a dual-verification model watermarking scheme based on certification files. It introduces a certification file generation step and implements dual ownership verification of the model through adjustments in the model structure. The feasibility, robustness, and improvement in watermark embedding rate of the scheme are verified through experiments.

Key words: edge computing, federated learning, deep neural network, model copyright protection, digital watermarking

WU Xia, ZHENG Hong-ying, XIAO Di. A dual-verification model watermarking scheme based on certification files[J]. Computer Engineering & Science, 2024, 46(04): 647-656.

[1]	MAO Run-ze, WU Zi-heng, XU Jia-yang, ZHANG Yan, CHEN Zhi, . DeepFlame: An open-source platform for reacting flow simulations empowered by deep learning and high-performance computing [J]. Computer Engineering & Science, 2024, 46(11): 1901-1907.
[2]	LI Bao, ZHU Shu, WANG Xiao-chuan, REN Yi, TAN Yu-song. A time-aware dominant resource fair scheduling algorithm for edge function computing [J]. Computer Engineering & Science, 2024, 46(10): 1711-1719.
[3]	GU Ying-cheng, WEI Liu, JIANG Ning, CHENG Huan-yu, LIU Kai, SONG Yu, LIU Mei-zhao, TANG Lei, CHEN Yu, ZHANG Sheng. Edge server assignment for distributed interactive applications in edge environments [J]. Computer Engineering & Science, 2024, 46(10): 1748-1756.
[4]	WANG Peng, ZHANG Jia-cheng, FAN Yu-yang, . A neural network pruning and quantization algorithm for hardware deployment [J]. Computer Engineering & Science, 2024, 46(09): 1547-1553.
[5]	XIAO Di, YU Zhu-yang, LI Min, WANG Lian. A secure federated learning scheme based on differential privacy and model clustering [J]. Computer Engineering & Science, 2024, 46(09): 1606-1615.
[6]	LI Meng, LIU Zi-yi, SONG Yu-hang. A deep subspace clustering algorithm based on dual self-expression and the maximum entropy principle [J]. Computer Engineering & Science, 2024, 46(09): 1685-1692.
[7]	XIN Gao-feng, LIU Yu-xiao, ZHANG Qing-long, HAN Rui, LIU Chi. Block-grained domain adaptation for neural networks at edge [J]. Computer Engineering & Science, 2024, 46(08): 1361-1371.
[8]	JIANG Jing-fei, HE Yuan-hong, XU Jin-wei, XU Shi-yao, QIAN Xi-fu. NM-SpMM:A semi-structured sparse matrix multiplication algorithm for domestic heterogeneous vector processors [J]. Computer Engineering & Science, 2024, 46(07): 1141-1150.
[9]	GUO Chang-hao, TANG Xiang-yun, WENG Yu. A data heterogeneity processing method based on asynchronous hierarchical federated learning [J]. Computer Engineering & Science, 2024, 46(07): 1237-1244.
[10]	LI Lei, ZHENG Li-ming, WANG Hong-yi, CHAI Yong-yi, LIU Pei-guo. A 6H parallel computing architecture for edge computing [J]. Computer Engineering & Science, 2023, 45(09): 1544-1552.
[11]	XIA Ge-ming, YU Chao-dong, CHEN Jian. Trust problems in edge computing:Challenges and reviews [J]. Computer Engineering & Science, 2023, 45(08): 1393-1404.
[12]	CAO Jian, CHEN Yi-mei, LI Hai-sheng, CAI Qiang, . A survey of pedestrian trajectory prediction based on graph neural network [J]. Computer Engineering & Science, 2023, 45(06): 1040-1053.
[13]	CHEN Xin-hai, LIU Jie, WAN Qian, GONG Chun-ye, . An improved method for solving partial differential equations using deep neural networks [J]. Computer Engineering & Science, 2022, 44(11): 1932-1940.
[14]	MA Ming-yuan, LI Hu, WANG Zi-bin, KUANG Xiao-hui. A survey of backdoor implantation and detection techniques on deep neural network model [J]. Computer Engineering & Science, 2022, 44(11): 1959-1968.
[15]	ZHANG Kai-sheng, ZHAO Xiao-fen. Robust speech recognition based on adaptive deep neural network in complex environment [J]. Computer Engineering & Science, 2022, 44(06): 1105-1113.

A dual-verification model watermarking scheme based on certification files

PDF

Knowledge

Abstract

Cite this article

share this article

Related Articles 15

Recommended Articles 0

Metrics

Comments