Authors: PENG Weiping[1], LIU Jiabao, PING Yuan[2], MA Di, SONG Cheng[1] (School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo 454003, P.R. China; School of Information Engineering, Xuchang University, Xuchang 461000, P.R. China)
Affiliations: [1] School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454003; [2] School of Information Engineering, Xuchang University, Xuchang, Henan 461000
Source: Journal of Chongqing University of Posts and Telecommunications (Natural Science Edition), 2024, No. 4, pp. 765-774 (10 pages)
Funding: Henan Province Key R&D and Promotion Special Project (212102210084).
Abstract: In response to the limitations of classical model watermarking techniques in protecting model ownership, such as poor robustness and low extraction rates, we propose a fusion watermarking model protection scheme that integrates the advantages of white-box and black-box watermarking. A strategy is proposed to divide the dataset samples into benign samples, style transfer samples, and key samples based on the size of Shannon entropy. The style transfer sample set is used to embed external features into the model, while the labels of key samples are used to embed internal features into the model. A binary classifier is trained, and a mask gradient descent method is employed to modify a minimal number of parameters to generate specific outputs for comprehensive judgment of model theft. Experimental results demonstrate that the proposed scheme ensures high fidelity of the watermark with less overhead. It exhibits high stability against attacks such as label querying and knowledge distillation, while also avoiding the risk of malicious detection.
Classification: TP183 [Automation and Computer Technology: Control Theory and Control Engineering]