Fragile Model Watermark for integrity protection: leveraging boundary volatility and sensitive sample-pairing

arXiv:2404.07572v1 Announce Type: new
Abstract: Neural networks have increasingly influenced people's lives. Ensuring the faithful deployment of neural networks as designed by their model owners is crucial, as they may be susceptible to various malicious or unintentional modifications, such as backdooring and poisoning attacks. Fragile model watermarks aim to prevent unexpected tampering that could lead DNN models to make incorrect decisions. They ensure the detection of any tampering with the model as sensitively as possible.However, prior watermarking methods suffered from …

aim arxiv attacks backdooring cs.ai cs.cr deployment integrity malicious may modifications networks neural networks people poisoning poisoning attacks protection sample sensitive unintentional volatility watermarks