DNN Intellectual Property Protection: Taxonomy, Methods, Attack Resistance, and Evaluations

11/27/2020
by   Mingfu Xue, et al.

Training and creating a deep learning model is usually costly, so the model can be regarded as the intellectual property (IP) of its creator. However, malicious users who obtain high-performance models may illegally copy, redistribute, or abuse the models, or use them to provide prediction services without permission. To deal with such security threats, a few deep neural network (DNN) IP protection methods have been proposed in recent years. This paper attempts to provide a review of the existing DNN IP protection works and also an outlook. First, we propose the first taxonomy for DNN IP protection methods in terms of five attributes: scenario, capacity, type, mechanism, and attack resistance. Second, we present a survey of existing DNN IP protection works in terms of the above five attributes, focusing especially on the challenges these methods face, whether these methods can provide proactive protection, and their resistance to different levels of attacks. Third, we analyze the potential attacks on DNN IP protection methods. Fourth, we propose a systematic evaluation method for DNN IP protection methods. Lastly, challenges and future works are presented.

