基于隐形后门水印的开源数据集版权保护OA北大核心CSTPCD

To address the copyright protection issue in the field of image classification datasets,a traceable method based on invisible backdoor watermarking,named IBWOD,is proposed.This method ensures the watermark's strong concealment while maintaining good usability and effectiveness.First-ly,an encoder-decoder network is used to embed the backdoor watermark into selected samples,genera-ting watermark samples.Secondly,the labels of these watermark samples are modified to specified la-bels,and then the watermark samples are merged with unmodified samples to form a watermark data-set.Models trained using this watermark dataset will leave a specific backdoor,i.e.,a mapping rela-tionship from the backdoor watermark to the specified labels.Finally,a corresponding model verifica-tion algorithm is proposed,based on this special mapping relationship,to verify if a suspicious model has used the watermark dataset.Experimental results demonstrate that IBWOD can effectively verify whether a model has used the watermark dataset and possesses strong concealment.