Digital Passport: A Novel Technological Strategy for Intellectual Property Protection of Convolutional Neural Networks
This addresses intellectual property protection for deep neural network owners, offering a preventive solution against infringement, though it is incremental as it builds on existing watermarking and verification concepts.
The paper tackles the problem of protecting convolutional neural networks from unauthorized use by embedding a digital passport that disables network functionality for unverified users, achieving significant performance drops (33% to 82% reductions in CIFAR10 accuracy) while maintaining full performance with valid passports.
In order to prevent deep neural networks from being infringed by unauthorized parties, we propose a generic solution which embeds a designated digital passport into a network, and subsequently, either paralyzes the network functionalities for unauthorized usages or maintain its functionalities in the presence of a verified passport. Such a desired network behavior is successfully demonstrated in a number of implementation schemes, which provide reliable, preventive and timely protections against tens of thousands of fake-passport deceptions. Extensive experiments also show that the deep neural network performance under unauthorized usages deteriorate significantly (e.g. with 33% to 82% reductions of CIFAR10 classification accuracies), while networks endorsed with valid passports remain intact.