Identifying Appropriate Intellectual Property Protection Mechanisms for Machine Learning Models: A Systematization of Watermarking, Fingerprinting, Model Access, and Attacks
Lederer, Isabell, Mayer, Rudolf, Rauber, Andreas
arXiv.org Artificial Intelligence
The commercial use of Machine Learning (ML) is spreading; at the same time, ML models are becoming more complex and more expensive to train, which makes Intellectual Property Protection (IPP) of trained models a pressing issue. Unlike other domains that can build on a solid understanding of the threats, attacks and defenses available to protect their IP, the ML-related research in this regard is still very fragmented. This is also due to the lack of a unified view and of a common taxonomy of these aspects. In this paper, we systematize our findings on IPP in ML, while focusing on threats and attacks identified and defenses proposed at the time of writing. We develop a comprehensive threat model for IP in ML, categorizing attacks and defenses within a unified and consolidated taxonomy, thus bridging research from both the ML and security communities.
Apr-21-2023
- Country:
  - Asia
    - China
      - Guangdong Province > Shenzhen (0.04)
      - Hong Kong (0.04)
    - Japan > Honshū
      - Kansai > Hyogo Prefecture > Kobe (0.04)
    - Middle East > Republic of Türkiye
      - Elazig Province > Elazig (0.04)
    - South Korea > Incheon
      - Incheon (0.04)
  - Europe
    - Romania > București - Ilfov Development Region
      - Municipality of Bucharest > Bucharest (0.04)
    - Czechia > Prague (0.04)
    - Belgium (0.04)
    - Italy
    - United Kingdom > England
      - East Sussex > Brighton (0.04)
    - France > Hauts-de-France
    - Slovenia > Central Slovenia
      - Municipality of Ljubljana > Ljubljana (0.04)
    - Latvia > Riga Municipality
      - Riga (0.04)
    - Austria > Vienna (0.15)
  - North America
    - Canada
      - Ontario > National Capital Region
        - Ottawa (0.04)
      - Quebec > Montreal (0.04)
    - Puerto Rico > San Juan
      - San Juan (0.04)
    - United States
      - California
        - San Diego County > San Diego (0.04)
        - San Francisco County > San Francisco (0.14)
        - Santa Clara County > Santa Clara (0.04)
      - Illinois > Cook County
        - Chicago (0.04)
      - Massachusetts > Suffolk County
        - Boston (0.04)
      - Texas > Travis County
        - Austin (0.04)
  - Oceania
    - Australia > Western Australia
      - Perth (0.04)
    - New Zealand > North Island
      - Auckland Region > Auckland (0.04)
- Genre:
  - Overview (1.00)
  - Research Report > New Finding (0.66)
- Industry:
  - Information Technology > Security & Privacy (1.00)
  - Law (1.00)
- Technology: