DNN Watermarking

DNN watermarking aims to protect the intellectual property of deep learning models by embedding hidden identifiers, allowing ownership verification. Current research focuses on developing robust watermarking techniques that are resistant to various removal attacks, including model modifications and retraining, while minimizing impact on model accuracy. These techniques range from embedding watermarks directly into model parameters (white-box) to manipulating model prediction behavior (black-box), with ongoing efforts to improve watermark capacity and resilience. The successful development of robust DNN watermarking methods will have significant implications for the security and commercial viability of AI technologies.