Copyright protection algorithm based on differential privacy deep fake fingerprint detection model
A copyright protection algorithm based on differential privacy for deep fake fingerprint detection model (DFFDM) was proposed, realizing active copyright protection and passive copyright verification of DFFDM without weakening the performance of the original task.In the original task training, noise...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2022-09-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022184/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539955815350272 |
|---|---|
| author | Chengsheng YUAN Qiang GUO Zhangjie FU |
| author_facet | Chengsheng YUAN Qiang GUO Zhangjie FU |
| author_sort | Chengsheng YUAN |
| collection | DOAJ |
| description | A copyright protection algorithm based on differential privacy for deep fake fingerprint detection model (DFFDM) was proposed, realizing active copyright protection and passive copyright verification of DFFDM without weakening the performance of the original task.In the original task training, noise was added to introduce randomness, and the expected stability of the differential privacy algorithm was used to make classification decisions to reduce the sensitivity to noise.In passive verification, FGSM was used to generate adversarial samples, the decision boundary was fine-adjusted to establish a backdoor, and the mapping was used as an implanted watermark to realize passive verification.To solve the copyright confusion caused by multiple backdoors, a watermark verification framework was designed, which stamped the trigger backdoors and identified the copyright with the help of time order.In active protection, to provide users with hierarchical services, the key neurons in the task were frozen by probabilistic selection strategy, and the access rights were designed to realize the thawing of neurons, so as to obtain the right to use the original task.Experimental results show that the backdoor verification is still effective under different model performance, and the embedded backdoor shows a certain robustness to the model modification.Also, the proposed algorithm can resist not only the collusion attack by the attacker to recruit legitimate users, but also the fine-tuning and compression attacks caused by the model modification. |
| format | Article |
| id | doaj-art-0fe4c92dda454dbb9faf43206ccfecbe |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2022-09-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-0fe4c92dda454dbb9faf43206ccfecbe2025-01-14T06:28:50ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2022-09-014318119359391898Copyright protection algorithm based on differential privacy deep fake fingerprint detection modelChengsheng YUANQiang GUOZhangjie FUA copyright protection algorithm based on differential privacy for deep fake fingerprint detection model (DFFDM) was proposed, realizing active copyright protection and passive copyright verification of DFFDM without weakening the performance of the original task.In the original task training, noise was added to introduce randomness, and the expected stability of the differential privacy algorithm was used to make classification decisions to reduce the sensitivity to noise.In passive verification, FGSM was used to generate adversarial samples, the decision boundary was fine-adjusted to establish a backdoor, and the mapping was used as an implanted watermark to realize passive verification.To solve the copyright confusion caused by multiple backdoors, a watermark verification framework was designed, which stamped the trigger backdoors and identified the copyright with the help of time order.In active protection, to provide users with hierarchical services, the key neurons in the task were frozen by probabilistic selection strategy, and the access rights were designed to realize the thawing of neurons, so as to obtain the right to use the original task.Experimental results show that the backdoor verification is still effective under different model performance, and the embedded backdoor shows a certain robustness to the model modification.Also, the proposed algorithm can resist not only the collusion attack by the attacker to recruit legitimate users, but also the fine-tuning and compression attacks caused by the model modification.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022184/copyright protectionadversarial samplesdifferential privacymodel watermarkfake fingerprint detection |
| spellingShingle | Chengsheng YUAN Qiang GUO Zhangjie FU Copyright protection algorithm based on differential privacy deep fake fingerprint detection model Tongxin xuebao copyright protection adversarial samples differential privacy model watermark fake fingerprint detection |
| title | Copyright protection algorithm based on differential privacy deep fake fingerprint detection model |
| title_full | Copyright protection algorithm based on differential privacy deep fake fingerprint detection model |
| title_fullStr | Copyright protection algorithm based on differential privacy deep fake fingerprint detection model |
| title_full_unstemmed | Copyright protection algorithm based on differential privacy deep fake fingerprint detection model |
| title_short | Copyright protection algorithm based on differential privacy deep fake fingerprint detection model |
| title_sort | copyright protection algorithm based on differential privacy deep fake fingerprint detection model |
| topic | copyright protection adversarial samples differential privacy model watermark fake fingerprint detection |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022184/ |
| work_keys_str_mv | AT chengshengyuan copyrightprotectionalgorithmbasedondifferentialprivacydeepfakefingerprintdetectionmodel AT qiangguo copyrightprotectionalgorithmbasedondifferentialprivacydeepfakefingerprintdetectionmodel AT zhangjiefu copyrightprotectionalgorithmbasedondifferentialprivacydeepfakefingerprintdetectionmodel |