EmMark: Robust Watermarks for IP Protection of Embedded Quantized Large Language Models
This addresses IP protection for model proprietors deploying LLMs on resource-constrained devices, representing an incremental advance in watermarking techniques.
The paper tackles the problem of intellectual property theft for embedded large language models on edge devices by introducing EmMark, a watermarking framework that achieves 100% success in watermark extraction while preserving model performance.
This paper introduces EmMark,a novel watermarking framework for protecting the intellectual property (IP) of embedded large language models deployed on resource-constrained edge devices. To address the IP theft risks posed by malicious end-users, EmMark enables proprietors to authenticate ownership by querying the watermarked model weights and matching the inserted signatures. EmMark's novelty lies in its strategic watermark weight parameters selection, nsuring robustness and maintaining model quality. Extensive proof-of-concept evaluations of models from OPT and LLaMA-2 families demonstrate EmMark's fidelity, achieving 100% success in watermark extraction with model performance preservation. EmMark also showcased its resilience against watermark removal and forging attacks.