all InfoSec news
Effective Ambiguity Attack Against Passport-based DNN Intellectual Property Protection Schemes through Fully Connected Layer Substitution. (arXiv:2303.11595v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Since training a deep neural network (DNN) is costly, the well-trained deep
models can be regarded as valuable intellectual property (IP) assets. The IP
protection associated with deep models has been receiving increasing attentions
in recent years. Passport-based method, which replaces normalization layers
with passport layers, has been one of the few protection solutions that are
claimed to be secure against advanced attacks. In this work, we tackle the
issue of evaluating the security of passport-based IP protection methods. We …
advanced assets attack attacks intellectual property network neural network normalization passport protection solutions training