Copyright Verification and Traceability for Remote Sensing Object Detection Models via Dual Model Watermarking

Copyright Verification and Traceability for Remote Sensing Object Detection Models via Dual Model Watermarking

Deep learning-based remote sensing object detection (RSOD) models have been widely deployed and commercialized. The commercialization of RSOD models requires the ability to protect their intellectual property (IP) across different platforms and sales channels. However, RSOD models currently face thr...

Full description

Saved in:
Bibliographic Details
Main Authors: Weitong Chen, Xin Xu, Na Ren, Changqing Zhu, Jie Cai
Format: Article
Language:English
Published: MDPI AG 2025-01-01
Series:Remote Sensing
Subjects:
remote sensing object detection
model watermarking
intellectual property protection
copyright verification
leakage source tracing
Online Access:https://www.mdpi.com/2072-4292/17/3/481
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Deep learning-based remote sensing object detection (RSOD) models have been widely deployed and commercialized. The commercialization of RSOD models requires the ability to protect their intellectual property (IP) across different platforms and sales channels. However, RSOD models currently face threats related to illegal copying on untrusted platforms or resale by dishonest buyers. To address this issue, we propose a dual-model watermarking scheme for the copyright verification and leakage tracing of RSOD models. First, we construct trigger samples using an object generation watermark trigger and train them alongside clean samples to implement black-box watermarking. Then, fingerprint information is embedded into a small subset of the model’s critical weights, using a fine-tuning and loss-guided approach. At the copyright verification stage, the presence of a black-box watermark can be confirmed through using the suspect model’s API to make predictions on the trigger samples, thereby determining whether the model is infringing. Once infringement is confirmed, fingerprint information can be further extracted from the model weights to identify the leakage source. Experimental results demonstrate that the proposed method can effectively achieve the copyright verification and traceability of RSOD models without affecting the performance of primary tasks. The watermark shows good robustness against fine-tuning and pruning attacks.
ISSN:2072-4292

Similar Items