Digital Watermarking for Machine Learning Model: Techniques, Protocols and Applications

Fan, Lixin, Chan, Chee Seng, Yang, Qiang

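  • Publisher: Springer
  • Publication date: 2023-05-30
  • List price: $7,000
  • VIP price: $6,650 (95% of list price)
  • Language: English
  • Pages: 225
  • Binding: Hardcover - also called cloth, retail trade, or trade
  • ISBN: 9811975531
  • ISBN-13: 9789811975530
  • Related category: Machine Learning
  • Overseas purchase-on-behalf title (must be checked out separately)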


Product description

Machine learning (ML) models, especially large pretrained deep learning (DL) models, are of high economic value and must be properly protected with regard to intellectual property rights (IPR). Model watermarking methods are proposed to embed watermarks into the target model, so that, in the event it is stolen, the model's owner can extract the pre-defined watermarks to assert ownership. Model watermarking methods adopt frequently used techniques like backdoor training, multi-task learning, decision boundary analysis etc. to generate secret conditions that constitute model watermarks or fingerprints only known to model owners. These methods have little or no effect on model performance, which makes them applicable to a wide variety of contexts. In terms of robustness, embedded watermarks must be robustly detectable against varying adversarial attacks that attempt to remove the watermarks. The efficacy of model watermarking methods is showcased in diverse applications including image classification, image generation, image captions, natural language processing and reinforcement learning.

This book covers the motivations, fundamentals, techniques and protocols for protecting ML models using watermarking. Furthermore, it showcases cutting-edge work in e.g. model watermarking, signature and passport embedding and their use cases in distributed federated learning settings.



About the authors

Lixin Fan is currently the Chief Scientist of Artificial Intelligence at WeBank, Shenzhen, China. His research interests include machine learning and deep learning, privacy computing and federated learning, computer vision and pattern recognition, image and video processing, mobile computing and ubiquitous computing. He was the Organizing Chair of workshops in these research areas held in CVPR, ICCV, ICPR, ACCV, NeurIPS, AAAI, and IJCAI. He is the author of 3 edited books and more than 70 articles in peer-review international journals and conference proceedings. He holds more than one hundred patents filed in the United States, Europe and China, and he was Chairman of the IEEE P2894 Explainable Artificial Intelligence (XAI) Standard Working Group.

Chee Seng Chan is currently a Full Professor at the Faculty of Computer Science and Information Technology, Universiti Malaya, Kuala Lumpur, Malaysia. His research interests include computer vision and machine learning where he has published more than 100 papers in related top peer-review conferences and journals. He was the Organizing Chair of the Asian Conference on Pattern Recognition (2015) and General Chair of the IEEE Workshop on Multimedia Signal Processing (2019) and IEEE Visual Communications and Image Processing (2013). He was the recipient of Top Research Scientists Malaysia (TRSM) in 2022, Young Scientists Network Academy of Sciences Malaysia (YSN-ASM) in 2015 and Hitachi Research Fellowship in 2013. Besides that, he is also a senior member (IEEE), Professional Engineer (BEM) and Chartered Engineer (IET). During 2020-2022, he was seconded to the Ministry of Science, Technology and Innovation (MOSTI) as the Undersecretary for Division of Data Strategic and Foresight.

Qiang Yang is a Fellow of the Canadian Academy of Engineering (CAE) and Royal Society of Canada (RSC), Chief Artificial Intelligence Officer of WeBank, and Chair Professor at the Computer Science and Engineering Department of Hong Kong University of Science and Technology (HKUST). He is the Conference Chair of AAAI-21, Honorary Vice President of the Chinese Association for Artificial Intelligence (CAAI), President of the Hong Kong Society of Artificial Intelligence and Robotics (HKSAIR) and President of the Investment Technology League (ITL). He is a fellow of the AAAI, ACM, CAAI, IEEE, IAPR and AAAS. He was the Founding Editor in Chief of the ACM Transactions on Intelligent Systems and Technology (ACM TIST) and the Founding Editor in Chief of IEEE Transactions on Big Data (IEEE TBD). He received the ACM SIGKDD Distinguished Service Award in 2017. He served as Founding Director of Huawei's Noah's Ark Research Lab from 2012 to 2015, Founding Director of HKUST's Big Data Institute, Founder of 4Paradigm and President of the IJCAI (2017-2019). His research interests include artificial intelligence, machine learning, data mining and planning.

