Protecting artificial intelligence IPs: a survey of watermarking and fingerprinting for machine learning

Disclaimer/Complaints regulations If you believe that digital publication of certain material infringes any of your rights or (privacy) interests, please let the Library know, stating your reasons. In case of a legitimate complaint, the Library will make the material inaccessible and/or remove it from the website. Please Ask the Library: https://uba.uva.nl/en/contact, or a letter to: Library of the University of Amsterdam, Secretariat, Singel 425, 1012 WP Amsterdam, The Netherlands. You will be contacted as soon as possible.

[1]  Luca Antiga,et al.  Automatic differentiation in PyTorch , 2017 .

[2]  C. J. Tan,et al.  Deep Blue: computer chess and massively parallel systems (extended abstract) , 1995, ICS '95.

[3]  Geoffrey E. Hinton,et al.  Deep Learning , 2015, Nature.

[4]  Miodrag Potkonjak,et al.  Evolutionary Trigger Set Generation for DNN Black-Box Watermarking , 2019, ArXiv.

[5]  Miodrag Potkonjak,et al.  Watermarking techniques for intellectual property protection , 1998, Proceedings 1998 Design and Automation Conference. 35th DAC. (Cat. No.98CH36175).

[6]  Emi Myodo,et al.  Visual Decoding of Hidden Watermark in Trained Deep Neural Network , 2019, 2019 IEEE Conference on Multimedia Information Processing and Retrieval (MIPR).

[7]  J. Deneubourg,et al.  The self-organizing exploratory pattern of the argentine ant , 1990, Journal of Insect Behavior.

[8]  James A. Hendler,et al.  Planning: What it is, What it could be, An Introduction to the Special Issue on Planning and Scheduling , 1995, Artif. Intell..

[9]  Jonathon Shlens,et al.  Explaining and Harnessing Adversarial Examples , 2014, ICLR.

[10]  Constantine D. Spyropoulos,et al.  AI planning and scheduling in the medical hospital environment , 2000, Artif. Intell. Medicine.

[11]  Jinyuan Jia,et al.  IPGuard: Protecting the Intellectual Property of Deep Neural Networks via Fingerprinting the Classification Boundary , 2019, ArXiv.

[12]  Ankur Srivastava,et al.  Hardware-Assisted Intellectual Property Protection of Deep Learning Models , 2020, 2020 57th ACM/IEEE Design Automation Conference (DAC).

[13]  Dawn Song,et al.  REFIT: A Unified Watermark Removal Framework For Deep Learning Systems With Limited Data , 2021, AsiaCCS.

[14]  Trevor Darrell,et al.  Caffe: Convolutional Architecture for Fast Feature Embedding , 2014, ACM Multimedia.

[15]  Erwan Le Merrer,et al.  Adversarial frontier stitching for remote neural network watermarking , 2017, Neural Computing and Applications.

[16]  Konrad Rieck,et al.  Forgotten Siblings: Unifying Attacks on Machine Learning and Digital Watermarking , 2018, 2018 IEEE European Symposium on Security and Privacy (EuroS&P).

[17]  Ren-Hung Hwang,et al.  P2P File Sharing System over MANET based on Swarm Intelligence: A Cross-Layer Design , 2007, 2007 IEEE Wireless Communications and Networking Conference.

[18]  Benny Pinkas,et al.  Turning Your Weakness Into a Strength: Watermarking Deep Neural Networks by Backdooring , 2018, USENIX Security Symposium.

[19]  Albert Y. Zomaya Handbook of Nature-Inspired and Innovative Computing - Integrating Classical Models with Emerging Technologies , 2006 .

[20]  Trevor Darrell,et al.  Rich Feature Hierarchies for Accurate Object Detection and Semantic Segmentation , 2013, 2014 IEEE Conference on Computer Vision and Pattern Recognition.

[21]  Shanqing Guo,et al.  How to prove your model belongs to you: a blind-watermark based framework to protect intellectual property of DNN , 2019, ACSAC.

[22]  Samuel Marchal,et al.  PRADA: Protecting Against DNN Model Stealing Attacks , 2018, 2019 IEEE European Symposium on Security and Privacy (EuroS&P).

[23]  Xinyun Chen,et al.  Leveraging Unlabeled Data for Watermark Removal of Deep Neural Networks , 2019 .

[24]  James Kennedy,et al.  Particle swarm optimization , 2002, Proceedings of ICNN'95 - International Conference on Neural Networks.

[25]  Lujo Bauer,et al.  Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition , 2016, CCS.

[26]  Edmund H. Durfee,et al.  A Survey of Research in Distributed, Continual Planning , 1999, AI Mag..

[27]  David J. Spiegelhalter,et al.  Machine Learning, Neural and Statistical Classification , 2009 .

[28]  Atul Prakash,et al.  Robust Physical-World Attacks on Deep Learning Visual Classification , 2018, 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition.

[29]  David E. Goldberg,et al.  Genetic algorithms and Machine Learning , 1988, Machine Learning.

[30]  Sven Behnke,et al.  Deep Learning , 2012, KI - Künstliche Intelligenz.

[31]  Jing Wang,et al.  Swarm Intelligence in Cellular Robotic Systems , 1993 .

[32]  Nils J. Nilsson,et al.  Artificial Intelligence , 1974, IFIP Congress.

[33]  K. K. Benke,et al.  A Machine Vision System with Learning Capabilities , 1988, Australian Joint Conference on Artificial Intelligence.

[34]  Hung Dang,et al.  Effectiveness of Distillation Attack and Countermeasure on Neural Network Watermarking , 2019, ArXiv.

[35]  Nasir D. Memon,et al.  Combatting Ambiguity Attacks via Selective Detection of Embedded Watermarks , 2007, IEEE Transactions on Information Forensics and Security.

[36]  Stephanie Dick,et al.  Machines Who Write [Think Piece] , 2013, IEEE Ann. Hist. Comput..

[37]  Frank Puppe,et al.  Systematic introduction to expert systems - knowledge representations and problem-solving methods , 2011 .

[38]  Farinaz Koushanfar,et al.  DeepSigns: An End-to-End Watermarking Framework for Ownership Protection of Deep Neural Networks , 2019, ASPLOS.

[39]  Jun Sakuma,et al.  Robust Watermarking of Neural Network with Exponential Weighting , 2019, AsiaCCS.

[40]  Machines Who Write , 2013 .

[41]  Hui Wu,et al.  Protecting Intellectual Property of Deep Neural Networks with Watermarking , 2018, AsiaCCS.

[42]  Shin'ichi Satoh,et al.  Embedding Watermarks into Deep Neural Networks , 2017, ICMR.

[43]  Gang Qu,et al.  A practical circuit fingerprinting method utilizing observability don't care conditions , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[44]  Geoffrey E. Hinton,et al.  Distilling the Knowledge in a Neural Network , 2015, ArXiv.

[45]  V. Walsh,et al.  Automatic speech recognition using artificial intelligence methods , 1987, ECST.

[46]  Andrew W. Moore,et al.  Reinforcement Learning: A Survey , 1996, J. Artif. Intell. Res..

[47]  Randy Goebel,et al.  Computational intelligence - a logical approach , 1998 .

[48]  Song Han,et al.  Deep Compression: Compressing Deep Neural Network with Pruning, Trained Quantization and Huffman Coding , 2015, ICLR.

[49]  Farinaz Koushanfar,et al.  DeepMarks: A Secure Fingerprinting Framework for Digital Rights Management of Deep Learning Models , 2019, ICMR.

[50]  Florian Kerschbaum,et al.  Attacks on Digital Watermarks for Deep Neural Networks , 2019, ICASSP 2019 - 2019 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).

[51]  Brendan Dolan-Gavitt,et al.  Fine-Pruning: Defending Against Backdooring Attacks on Deep Neural Networks , 2018, RAID.

[52]  Frank Puppe,et al.  Systematic Introduction to Expert Systems , 1993, Springer Berlin Heidelberg.

[53]  Miodrag Potkonjak,et al.  Watermarking Deep Neural Networks for Embedded Systems , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[54]  Simon S. Woo,et al.  Neural Network Laundering: Removing Black-Box Backdoor Watermarks from Deep Neural Networks , 2020, Comput. Secur..

[55]  James Kennedy,et al.  Swarm Intelligence , 2010, Encyclopedia of Machine Learning.

[56]  Rui Xu,et al.  Survey of clustering algorithms , 2005, IEEE Transactions on Neural Networks.

[57]  Azhar Hussain,et al.  Artificial Intelligence for Vehicle-to-Everything: A Survey , 2019, IEEE Access.

[58]  Jim X. Chen,et al.  The Evolution of Computing: AlphaGo , 2016, Comput. Sci. Eng..

[59]  Marco Dorigo,et al.  Optimization, Learning and Natural Algorithms , 1992 .

[60]  Florian Kerschbaum,et al.  On the Robustness of Backdoor-based Watermarking in Deep Neural Networks , 2019, IH&MMSec.

[61]  Farinaz Koushanfar,et al.  DeepAttest: An End-to-End Attestation Framework for Deep Neural Networks , 2019, 2019 ACM/IEEE 46th Annual International Symposium on Computer Architecture (ISCA).

[62]  Lixin Fan,et al.  Rethinking Deep Neural Network Ownership Verification: Embedding Passports to Defeat Ambiguity Attacks , 2019, NeurIPS.