基于注意力机制和护照层嵌入的图像处理模型水印方法OA北大核心CSTPCD

With the wide application of deep neural networks in the field of artificial intelligence,the copyright protection of deep neural networks has received extensive attention.However,so far,most of the methods for model copyright protection focus on detection or classification tasks,and are difficult to be directly applied to image processing networks.To this end,this paper proposes an image processing model copyright protection framework combining attention mechanism and passport layer embedding.Firstly,the channel and spatial attention network are used in the watermark embedding network to locate the human eye insensitive area in the image,which improves the robustness and imperceptibility of the watermark.Secondly,the passport layer watermark is inserted after the convolution layer of the target model to improve the ability to resist the ambiguity attacks.Finally,the combination loss is designed to guide the convergence direction of the model in combination with structural consistency and passport layer factors.Experimental results on super-resolution and semantic segmentation models show that the watermark extraction rate of this method is more than 98％,and it has good robustness to surrogate attack and ambiguity attack.