536 research outputs found
DeepMarks: A Digital Fingerprinting Framework for Deep Neural Networks
This paper proposes DeepMarks, a novel end-to-end framework for systematic
fingerprinting in the context of Deep Learning (DL). Remarkable progress has
been made in the area of deep learning. Sharing the trained DL models has
become a trend that is ubiquitous in various fields ranging from biomedical
diagnosis to stock prediction. As the availability and popularity of
pre-trained models are increasing, it is critical to protect the Intellectual
Property (IP) of the model owner. DeepMarks introduces the first fingerprinting
methodology that enables the model owner to embed unique fingerprints within
the parameters (weights) of her model and later identify undesired usages of
her distributed models. The proposed framework embeds the fingerprints in the
Probability Density Function (pdf) of trainable weights by leveraging the extra
capacity available in contemporary DL models. DeepMarks is robust against
fingerprints collusion as well as network transformation attacks, including
model compression and model fine-tuning. Extensive proof-of-concept evaluations
on MNIST and CIFAR10 datasets, as well as a wide variety of deep neural
networks architectures such as Wide Residual Networks (WRNs) and Convolutional
Neural Networks (CNNs), corroborate the effectiveness and robustness of
DeepMarks framework
Watermarking security part I: theory
This article proposes a theory of watermarking security based on a cryptanalysis point of view. The main idea is that information about the secret key leaks from the observations, for instance watermarked pieces of content, available to the opponent. Tools from information theory (Shannon's mutual information and Fisher's information matrix) can measure this leakage of information. The security level is then defined as the number of observations the attacker needs to successfully estimate the secret key. This theory is applied to common watermarking methods: the substitutive scheme and spread spectrum based techniques. Their security levels are calculated against three kinds of attack
Watermarking security: theory and practice
This article proposes a theory of watermarking security based on a cryptanalysis point of view. The main idea is that information about the secret key leaks from the observations, for instance watermarked pieces of content, available to the opponent. Tools from information theory (Shannon's mutual information and Fisher's information matrix) can measure this leakage of information. The security level is then defined as the number of observations the attacker needs to successfully estimate the secret key. This theory is applied to two common watermarking methods: the substitutive scheme and the spread spectrum based techniques. Their security levels are calculated against three kinds of attack. The experimental work illustrates how Blind Source Separation (especially Independent Component Analysis) algorithms help the opponent exploiting this information leakage to disclose the secret carriers in the spread spectrum case. Simulations assess the security levels derived in the theoretical part of the article
AN INVESTIGATION OF DIFFERENT VIDEOÂ WATERMARKING TECHNIQUES
Watermarking is an advanced technology that identifies to solve the problem of illegal manipulation and distribution of digital data. It is the art of hiding the copyright information into host such that the embedded data is imperceptible. The covers in the forms of digital multimedia object, namely image, audio and video. The extensive literature collected related to the performance improvement of video watermarking techniques is critically reviewed and presented in this paper. Also, comprehensive review of the literature on the evolution of various video watermarking techniques to achieve robustness and to maintain the quality of watermarked video sequences
Recommended from our members
High capacity steganographic method based upon JPEG
The two most important aspects of any image-based
steganographic system are the quality of the stegoimage and the capacity of the cover image. This paper proposes a novel and high capacity steganographic approach based on Discrete Cosine Transformation (DCT) and JPEG compression. JPEG technique divides the input image into non-overlapping blocks of 8x8 pixels and uses the DCT transformation. However, our proposed method divides the cover image into nonoverlapping
blocks of 16x16 pixels. For each quantized
DCT block, the least two-significant bits (2-LSBs) of each middle frequency coefficient are modified to embed two secret bits. Our aim is to investigate the data hiding efficiency using larger blocks for JPEG compression. Our experiment result shows that the proposed approach can provide a higher information hiding capacity than Jpeg-Jsteg and Chang et al. methods based on the conventional blocks of 8x8 pixels. Furthermore, the produced stego-images are almost identical to the original cover images
- …