NNSplitter: An Active Defense Solution to DNN Model via Automated Weight Obfuscation. (arXiv:2305.00097v1 [cs.LG])
cs.CR updates on arXiv.org arxiv.org
As a type of valuable intellectual property (IP), deep neural network (DNN)
models have been protected by techniques like watermarking. However, such
passive model protection cannot fully prevent model abuse. In this work, we
propose an active model IP protection scheme, namely NNSplitter, which actively
protects the model by splitting it into two parts: the obfuscated model that
performs poorly due to weight obfuscation, and the model secrets consisting of
the indexes and original values of the obfuscated weights, which …