Evaluation of Security of ML-based Watermarking: Copy and Removal Attacks
The paper addresses security gaps in copyright protection for digital content, though it appears incremental because it builds on existing watermarking methods.
This paper evaluates the security of foundation-model-based digital watermarking systems against adversarial attacks; its copy and removal attack experiments expose vulnerabilities and provide empirical insights.
The vast amounts of digital content captured from the real world or AI-generated media necessitate methods for copyright protection, traceability, or data provenance verification. Digital watermarking serves as a crucial approach to address these challenges. Its evolution spans three generations: handcrafted, autoencoder-based, and foundation-model-based methods. While the robustness of these systems is well-documented, their security against adversarial attacks remains underexplored. This paper evaluates the security of foundation models' latent space digital watermarking systems that utilize adversarial embedding techniques. A series of experiments investigates the security dimensions under copy and removal attacks, providing empirical insights into these systems' vulnerabilities. All experimental code and results are available at https://github.com/vkinakh/ssl-watermarking-attacks.