PhD Seminar • Cryptography, Security and Privacy (CrySP) • Can Watermarking Control the Misuse of Deep Image Generators?Export this event to calendar

Thursday, September 7, 2023 — 10:00 AM to 11:00 AM EDT

Please note: This PhD seminar will take place in DC 3317.

Nils Lukas, PhD candidate
David R. Cheriton School of Computer Science

Supervisor: Professor Florian Kerschbaum

Watermarking controls misuse of deep neural networks by secretly marking any generated output with a hidden message. Robustness is a key characteristic of watermarking, where an attacker cannot remove a watermark without also substantially degrading the model’s accuracy. In this seminar, I present a novel approach to generate a watermarking key that is learnable, which increases the watermark’s effectiveness and robustness. Then, I discuss our proposed method’s (un)detectability and robustness.

We show that our watermark substantially outperforms existing watermarks in all measured quantities and that it is robust and undetectable against attackers limited to black-box API access. However, we present attacks showing that watermarking is not robust against an attacker with access to the model’s parameters, meaning that watermarking open-source models is likely infeasible. Finally, we discuss whether watermarking can be a promising solution to controlling misuse.

Location 
DC - William G. Davis Computer Research Centre
DC 3317
200 University Avenue West

Waterloo, ON N2L 3G1
Canada
Event tags 

S M T W T F S
28
29
30
31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
1
2
  1. 2024 (57)
    1. April (2)
    2. March (5)
    3. February (25)
    4. January (25)
  2. 2023 (296)
    1. December (20)
    2. November (28)
    3. October (15)
    4. September (25)
    5. August (30)
    6. July (30)
    7. June (22)
    8. May (23)
    9. April (32)
    10. March (31)
    11. February (18)
    12. January (22)
  3. 2022 (245)
  4. 2021 (210)
  5. 2020 (217)
  6. 2019 (255)
  7. 2018 (217)
  8. 2017 (36)
  9. 2016 (21)
  10. 2015 (36)
  11. 2014 (33)
  12. 2013 (23)
  13. 2012 (4)
  14. 2011 (1)
  15. 2010 (1)
  16. 2009 (1)
  17. 2008 (1)