This paper presents a novel fingerprinting scheme for the Intellectual Property (IP) protection of Generative Adversarial Networks (GANs). Prior solutions for classification models adopt adversarial examples as the fingerprints, which can raise stealthiness and robustness problems when they are applied to the GAN models. Our scheme constructs a composite deep learning model from the target GAN and a classifier. Then we generate stealthy fingerprint samples from this composite model, and register them to the classifier for effective ownership verification. This scheme inspires three concrete methodologies to practically protect the modern GAN models. Theoretical analysis proves that these methods can satisfy different security requirements necessary for IP protection. We also conduct extensive experiments to show that our solutions outperform existing strategies in terms of stealthiness, functionality-preserving and unremovability.
翻译:本文介绍了知识产权保护基因反转网络(GANs)的新颖的指纹鉴定计划; 分类模型的先前解决办法采用对抗性例子作为指纹,当这些例子应用于GAN模型时,可能会引起隐形性和稳健性问题; 我们的计划从目标GAN和一个分类器中构建了一个综合的深层次学习模型; 然后我们从这一综合模型中生成隐形指纹样本,并将它们登记到分类器,以进行有效的所有权核查; 这个计划激发了三种具体的方法,以实际保护现代GAN模型。 理论分析证明这些方法可以满足知识产权保护所需的不同安全要求。 我们还进行了广泛的实验,以表明我们的解决方案在隐形性、功能保留和不可移动性方面超过了现有的战略。
相关内容
微信扫码咨询专知VIP会员