计算机工程与科学2024,Vol.46Issue(6):1013-1021,9.DOI:10.3969/j.issn.1007-130X.2024.06.008
基于隐形后门水印的开源数据集版权保护
Copyright protection of open-sourced datasets based on invisible backdoor watermarking
摘要
Abstract
To address the copyright protection issue in the field of image classification datasets,a traceable method based on invisible backdoor watermarking,named IBWOD,is proposed.This method ensures the watermark's strong concealment while maintaining good usability and effectiveness.First-ly,an encoder-decoder network is used to embed the backdoor watermark into selected samples,genera-ting watermark samples.Secondly,the labels of these watermark samples are modified to specified la-bels,and then the watermark samples are merged with unmodified samples to form a watermark data-set.Models trained using this watermark dataset will leave a specific backdoor,i.e.,a mapping rela-tionship from the backdoor watermark to the specified labels.Finally,a corresponding model verifica-tion algorithm is proposed,based on this special mapping relationship,to verify if a suspicious model has used the watermark dataset.Experimental results demonstrate that IBWOD can effectively verify whether a model has used the watermark dataset and possesses strong concealment.关键词
开源数据集/版权保护/后门水印/机器学习/图像分类Key words
open-sourced dataset/copyright protection/backdoor watermarking/machine learning/image classification分类
信息技术与安全科学引用本文复制引用
黄智慧,肖祥立,张玉书,薛明富..基于隐形后门水印的开源数据集版权保护[J].计算机工程与科学,2024,46(6):1013-1021,9.基金项目
国家自然科学基金(62072237) (62072237)
江苏省研究生科研与实践创新计划(KYCX24_0610) (KYCX24_0610)
