Watermarking Deep Neural Networks for Embedded Systems
Deep neural networks (DNNs) have become an important tool for bringing intelligence to mobile and embedded devices. The increasingly wide deployment, sharing and potential commercialization of DNN models create a compelling need for intellectual property (IP) protection. Recently, DNN watermarking e...
Saved in:
| Published in: | 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD) pp. 1 - 8 |
|---|---|
| Main Authors: | , |
| Format: | Conference Proceeding |
| Language: | English |
| Published: |
ACM
01.11.2018
|
| Subjects: | |
| ISSN: | 1558-2434 |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Abstract | Deep neural networks (DNNs) have become an important tool for bringing intelligence to mobile and embedded devices. The increasingly wide deployment, sharing and potential commercialization of DNN models create a compelling need for intellectual property (IP) protection. Recently, DNN watermarking emerges as a plausible IP protection method. Enabling DNN watermarking on embedded devices in a practical setting requires a black-box approach. Existing DNN watermarking frameworks either fail to meet the black-box requirement or are susceptible to several forms of attacks. We propose a watermarking framework by incorporating the author's signature in the process of training DNNs. While functioning normally in regular cases, the resulting watermarked DNN behaves in a different, predefined pattern when given any signed inputs, thus proving the authorship. We demonstrate an example implementation of the framework on popular image classification datasets and show that strong watermarks can be embedded in the models. |
|---|---|
| AbstractList | Deep neural networks (DNNs) have become an important tool for bringing intelligence to mobile and embedded devices. The increasingly wide deployment, sharing and potential commercialization of DNN models create a compelling need for intellectual property (IP) protection. Recently, DNN watermarking emerges as a plausible IP protection method. Enabling DNN watermarking on embedded devices in a practical setting requires a black-box approach. Existing DNN watermarking frameworks either fail to meet the black-box requirement or are susceptible to several forms of attacks. We propose a watermarking framework by incorporating the author's signature in the process of training DNNs. While functioning normally in regular cases, the resulting watermarked DNN behaves in a different, predefined pattern when given any signed inputs, thus proving the authorship. We demonstrate an example implementation of the framework on popular image classification datasets and show that strong watermarks can be embedded in the models. |
| Author | Potkonjak, Miodrag Guo, Jia |
| Author_xml | – sequence: 1 givenname: Jia surname: Guo fullname: Guo, Jia organization: Computer Science Department, University of California, Los Angeles – sequence: 2 givenname: Miodrag surname: Potkonjak fullname: Potkonjak, Miodrag organization: Computer Science Department, University of California, Los Angeles |
| BookMark | eNotjk1Lw0AURUdRsK1du3CTP5D65s1nllJbFYouVFyWSeaNxDZJmYlI_70jurkH7oHLnbKzfuiJsSsOC86luhEowWi1-KXVeMKmuQWhKgXmlE24UrZEKeQFm6f0CQBoDc96wvS7Gyl2Lu7a_qO4IzoUT_QV3T5j_B7iLhVhiMWqq8l78sXLMY3UpUt2Htw-0fyfM_a2Xr0uH8rN8_3j8nZTOpRmLBGF5DUFMBiMBxDW11CRwMZjgxRycqubqm6CIS2Dddr7bIWSxtdOiBm7_tttiWh7iG1-etxaZY2RSvwAk8NHUA |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1145/3240765.3240862 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Xplore IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EISBN | 1450359507 9781450359504 |
| EISSN | 1558-2434 |
| EndPage | 8 |
| ExternalDocumentID | 8587745 |
| Genre | orig-research |
| GroupedDBID | 123 6IE 6IF 6IH 6IL 6IN AAWTH ABLEC ADZIZ ALMA_UNASSIGNED_HOLDINGS APO BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO FEDTE IEGSK IJVOP M43 OCL RIE RIL RIO |
| ID | FETCH-LOGICAL-a247t-22341bef072f7d0038db09e32cd2c2efd2c186c9bcf7e64f8a6dd32c3547dba33 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 110 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000494640800131&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 02:56:49 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a247t-22341bef072f7d0038db09e32cd2c2efd2c186c9bcf7e64f8a6dd32c3547dba33 |
| PageCount | 8 |
| ParticipantIDs | ieee_primary_8587745 |
| PublicationCentury | 2000 |
| PublicationDate | 2018-Nov. |
| PublicationDateYYYYMMDD | 2018-11-01 |
| PublicationDate_xml | – month: 11 year: 2018 text: 2018-Nov. |
| PublicationDecade | 2010 |
| PublicationTitle | 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD) |
| PublicationTitleAbbrev | ICCAD |
| PublicationYear | 2018 |
| Publisher | ACM |
| Publisher_xml | – name: ACM |
| SSID | ssj0002871359 ssj0020286 |
| Score | 2.5117495 |
| Snippet | Deep neural networks (DNNs) have become an important tool for bringing intelligence to mobile and embedded devices. The increasingly wide deployment, sharing... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 1 |
| SubjectTerms | ACM Reference format Cloud computing deep neural networks Embedded systems Neural networks Software algorithms Watermarking |
| Title | Watermarking Deep Neural Networks for Embedded Systems |
| URI | https://ieeexplore.ieee.org/document/8587745 |
| WOSCitedRecordID | wos000494640800131&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV25TgMxEB2FiAIajgRxywUlm6yPtb01JKKKUoBIF_kYS0iQRDn4fmxnFVLQ0NiW3fiQPM_PM28AHoSkVFFmC8-sSmyVLCIK4YUXBoWwnJtQ5mQTajTSk0k9bsHjLhYGEbPzGfZSM__l-7nbJKqsrysd0Up1AAdKyW2s1o5PScifJ9PcPLZih2ykfKio-kl3Tsmql2qdUuPs5VLJpmR48r9JnEL3NyaPjHfW5gxaODuH4z05wQ7Id5Mv2kx_k2fEBUnaG-YzVtnZe0UiRCWDL4vxuvGkUSvvwttw8Pr0UjR5EQrDhFoX0aILajGUigXl09-et2WNnDnPHMMQS6qlq60LCqUI2kjv4yivhPLWcH4B7dl8hpdARMkVcuVD5XR8KtHaoAoGE7uEziBeQSftwHSxlb6YNou__rv7Bo4intDbUL1baK-XG7yDQ_e9_lgt7_N5_QDmJpVl |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEJ4gmqgXH2B8uwePLuy23bacFYIRCQeM3Egf08REgfDw99uWDXLw4qVt2ksfSefr15lvAO4Zz3ORE51aokVgq3jqUQhNLVPImKZUuSwmmxD9vhyNWoMKPGxiYRAxOp9hIzTjX76dmlWgypqykB6tFDuwWzBGsnW01oZRCdifBuNcPrd8By_FfHJWNIPynOBFI9QyJMfZyqYSjUnn6H_TOIb6b1ReMtjYmxOo4OQUDrcEBWvA31W8aiMBnjwhzpKgvqE-fRXdvReJB6lJ-0ujv3BsUuqV1-Gt0x4-dtMyM0KqCBPL1Nt0lmt0mSBO2PC7Z3XWQkqMJYag82UuuWlp4wRy5qTi1vpRWjBhtaL0DKqT6QTPIWEZFUiFdYWR_rGUtxQKpzDwS2gU4gXUwg6MZ2vxi3G5-Mu_u-9gvzt87Y17z_2XKzjw6EKuA_euobqcr_AG9sz38mMxv41n9wPdYpis |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=proceeding&rft.title=2018+IEEE%2FACM+International+Conference+on+Computer-Aided+Design+%28ICCAD%29&rft.atitle=Watermarking+Deep+Neural+Networks+for+Embedded+Systems&rft.au=Guo%2C+Jia&rft.au=Potkonjak%2C+Miodrag&rft.date=2018-11-01&rft.pub=ACM&rft.eissn=1558-2434&rft.spage=1&rft.epage=8&rft_id=info:doi/10.1145%2F3240765.3240862&rft.externalDocID=8587745 |