CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 12177 > Article
Paper
30 April 2022 Tolerance of CNN watermarking against model optimizations
Yudai Yamaji, Shigeyuki Sakazawa
Author Affiliations +
Proceedings Volume 12177, International Workshop on Advanced Imaging Technology (IWAIT) 2022; 121771R (2022) https://doi.org/10.1117/12.2625769
Event: International Workshop on Advanced Imaging Technology 2022 (IWAIT 2022), 2022, Hong Kong, China
Abstract
Models created by companies and individuals by training a large amount of data are important assets and need to be protected by copyright. As a method of copyright protection, experiments have been conducted to embed a watermark into the learning model. This watermark is embedded directly into the parameters of the learning model, but the values of the parameters will change when the learning model is subjected to model compression process such as quantization. In our previous study, we showed that the effect of quantization on the watermark was small and that the embedded watermark could be retrieved. In this paper, as a further investigation, we conduct experiments on the effect of both pruning and quantization, and quantization aware training on the watermarking when creating the trained model. In the experiments, we used models of two different scales, one large and one small, and performed the above-mentioned processing on each model to check the state of the watermark. The results show that the models with both pruning and quantization show significant degradation of the watermark for small-scale models, but this is eliminated when the models are quantized. In the case of quantization aware training, there was no effect on watermarking.
© (2022) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Yudai Yamaji and Shigeyuki Sakazawa "Tolerance of CNN watermarking against model optimizations", Proc. SPIE 12177, International Workshop on Advanced Imaging Technology (IWAIT) 2022, 121771R (30 April 2022); https://doi.org/10.1117/12.2625769
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 6 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Digital watermarking
Quantization
Data modeling
Process modeling
Systems modeling
Tolerancing
Optimization (mathematics)
RELATED CONTENT
Modeling and control strategy of hybrid electric vehicle system
Proceedings of SPIE (September 07 2022)
Impaired behavior recognition based on multi-head-Siamese neural network
Proceedings of SPIE (April 29 2022)
Text similarity of autonomous marking system based on deep learning
Proceedings of SPIE (October 20 2022)
Adding identity numbers to deep neural networks
Proceedings of SPIE (February 14 2020)
iDeepLe: deep learning in a flash
Proceedings of SPIE (May 09 2018)
Neurocontrol: concepts and applications
Proceedings of SPIE (September 01 1993)
Identification, model switching detection, and prediction of complex systems using...
Proceedings of SPIE (March 26 1998)
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top