Deep neural network (DNN) with the state of art performance has emerged as a viable and lucrative business service. However, those impressive performances require large number computational resources, which comes at high cost for model creators. The necessity protecting DNN models from illegal reproducing distribution appears salient now. Recently, trigger-set watermarking, breaking white-box restriction, relying on adversarial training pre-defined (incorrect) labels crafted inputs, subsequently using them to verify authenticity, been main topic ownership verification. While these methods have successfully demonstrated robustness against removal attacks, few are effective tampering attacks competitors forging fake watermarks dogging in manager. In this paper, we put forth new framework watermark by embedding unique Serial Number (relatedness less original labels) deep identification, is both robust pruning resist attacks. Experiment results demonstrate that only incurs slight accuracy degradation valid

Load

Load