Search Results (188)

Search Parameters:
Keywords = watermarking attacks

24 pages, 4012 KiB  
Article
Copyright Protection and Trusted Transactions for 3D Models Based on Smart Contracts and Zero-Watermarking
by Ruigang Nan, Liming Zhang, Jianing Xie, Yan Jin, Tao Tan, Shuaikang Liu and Haoran Wang
ISPRS Int. J. Geo-Inf. 2025, 14(8), 317; https://doi.org/10.3390/ijgi14080317 - 20 Aug 2025
Viewed by 172
Abstract
With the widespread application of 3D models derived from oblique photography, the need for copyright protection and trusted transactions has risen significantly. Traditional transactions often depend on third parties, making it difficult to balance copyright protection with transaction credibility and to safeguard the rights and interests of both parties. To address these challenges, this paper proposes a novel trusted-transaction scheme that integrates smart contracts with zero-watermarking technology. Firstly, the skewness of the oblique-photography 3D model data is employed to construct a zero-watermark identifier, which is stored in the InterPlanetary File System (IPFS) alongside encrypted data for trading. Secondly, smart contracts are designed and deployed. Lightweight information, such as IPFS data addresses, is uploaded to the blockchain by invoking these contracts, and transactions are conducted accordingly. Finally, the blockchain system automatically records the transaction process and results on-chain, providing verifiable transaction evidence. The experimental results show that the proposed zero-watermarking algorithm resists common attacks. The trusted-transaction framework not only ensures the traceability and trustworthiness of the entire transaction process but also safeguards the rights of both parties. This approach effectively protects copyright while ensuring the reliability of the transactions. Full article
27 pages, 13752 KiB  
Article
Robust Watermarking of Tiny Neural Networks by Fine-Tuning and Post-Training Approaches
by Riccardo Adorante, Alessandro Carra, Marco Lattuada and Danilo Pietro Pau
Symmetry 2025, 17(7), 1094; https://doi.org/10.3390/sym17071094 - 8 Jul 2025
Viewed by 903
Abstract
Because neural networks pervade many industrial domains and are increasingly complex and accurate, the trained models themselves have become valuable intellectual properties. Developing highly accurate models demands increasingly higher investments of time, capital, and expertise. Many of these models are commonly deployed in cloud services and on resource-constrained edge devices. Consequently, safeguarding them is critically important. Neural network watermarking offers a practical solution to address this need by embedding a unique signature, either as a hidden bit-string or as a distinctive response to specially crafted “trigger” inputs. This allows owners to subsequently prove model ownership even if an adversary attempts to remove the watermark through attacks. In this manuscript, we adapt three state-of-the-art watermarking methods to “tiny” neural networks deployed on edge platforms by exploiting symmetry-related properties that ensure robustness and efficiency. In the context of machine learning, “tiny” is broadly used as a term referring to artificial intelligence techniques deployed in low-energy systems in the mW range and below, e.g., sensors and microcontrollers. We evaluate the robustness of the selected techniques by simulating attacks aimed at erasing the watermark while preserving the model’s original performances. The results before and after attacks demonstrate the effectiveness of these watermarking schemes in protecting neural network intellectual property without degrading the original accuracy. Full article
(This article belongs to the Section Computer)
27 pages, 1144 KiB  
Article
DICTION: DynamIC robusT whIte bOx Watermarking Scheme for Deep Neural Networks
by Reda Bellafqira and Gouenou Coatrieux
Appl. Sci. 2025, 15(13), 7511; https://doi.org/10.3390/app15137511 - 4 Jul 2025
Viewed by 609
Abstract
Deep neural network (DNN) watermarking is a suitable method for protecting the ownership of deep learning (DL) models. It secretly embeds an identifier within the model, which can be retrieved by the owner to prove ownership. In this paper, we first provide a unified framework for white-box DNN watermarking schemes that encompasses current state-of-the-art methods and outlines their theoretical inter-connections. Next, we introduce DICTION, a new white-box dynamic robust watermarking scheme derived from this framework. Its main originality lies in a generative adversarial network (GAN) strategy where the watermark extraction function is a DNN trained as a GAN discriminator, while the target model acts as a GAN generator. DICTION can be viewed as a generalization of DeepSigns, which, to the best of our knowledge, is the only other dynamic white-box watermarking scheme in the literature. Experiments conducted on four benchmark models (MLP, CNN, ResNet-18, and LeNet) demonstrate that DICTION achieves a zero bit error rate (BER) while maintaining model accuracy within 0.5% of the baseline. DICTION shows superior robustness, tolerating up to 95% weight pruning compared to 80% for existing methods, and it demonstrates complete resistance to fine-tuning and overwriting attacks where competing methods fail, with a BER of >0.3. Full article
25 pages, 7476 KiB  
Article
Image Encryption with Dual Watermark Based on Chaotic Map
by Ran Chu, Jun Mou and Yuanhui Cui
Cryptography 2025, 9(3), 49; https://doi.org/10.3390/cryptography9030049 - 1 Jul 2025
Viewed by 647
Abstract
A dual watermark and DNA image encryption based on a chaotic map is proposed. Firstly, a new discrete chaotic map is proposed, and the dynamic characteristics are analyzed. Then, the hash value changes initial conditions, and the pseudo-random sequence is generated. The encrypted copyright image is fused with the feature value of the original image and then encrypted again to form zero-watermarking, which is registered with the copyright certification authority. The zero-watermarking is taken as a robust watermark and embedded into the original image based on a chaotic sequence to ensure its invisibility. Finally, a cross-mutation DNA encryption is proposed. The experimental results verify the performance of encryption and dual watermark copyright authentication, and the ability to resist attacks. Full article
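
The two zero-watermarking entries above share one mechanism: nothing is written into the protected object; instead a robust feature of the object is XORed with the owner's copyright bits, and only the result is registered. The example below is added here and is not code from either paper. It uses the skewness of coordinate groups as the feature (the 3D-model scheme above uses skewness of oblique-photography data; the grouping by distance from the centroid is an assumption made so the feature survives translation and uniform scaling), and scrambles the copyright bits with a logistic-map sequence whose initial state comes from a hash of the owner key (the hash-seeded chaotic sequence of the dual-watermark scheme). The point cloud, key and copyright string are constructed.

```python
"""Zero-watermark registration and verification for a 3D point set.

Added illustration, not code from either listed paper. Feature: per-group
skewness of z-coordinates (shift- and scale-invariant). Scrambling: logistic
map seeded from SHA-256(owner key). Registration = feature XOR scrambled logo.
"""
import hashlib
import random

N_BITS = 64          # length of the copyright bit string and of the zero-watermark
LOGISTIC_R = 3.99    # logistic-map parameter in the chaotic regime (assumed)


def skewness(xs):
    """Sample skewness E[(x-mu)^3] / sigma^3: unchanged by translation and positive scaling."""
    n = len(xs)
    mu = sum(xs) / n
    var = sum((x - mu) ** 2 for x in xs) / n
    if var == 0.0:
        return 0.0
    return sum((x - mu) ** 3 for x in xs) / (n * var ** 1.5)


def feature_bits(vertices, n_bits=N_BITS):
    """Binary feature: sort vertices by distance from the centroid (an order that
    survives translation and uniform scaling), split into n_bits equal groups,
    threshold each group's z-skewness against the median group skewness."""
    n = len(vertices)
    cx = sum(v[0] for v in vertices) / n
    cy = sum(v[1] for v in vertices) / n
    cz = sum(v[2] for v in vertices) / n
    ordered = sorted(vertices, key=lambda v: (v[0] - cx) ** 2 + (v[1] - cy) ** 2 + (v[2] - cz) ** 2)
    size = n // n_bits
    skews = [skewness([v[2] for v in ordered[i * size:(i + 1) * size]]) for i in range(n_bits)]
    median = sorted(skews)[n_bits // 2]
    return [1 if s > median else 0 for s in skews]


def chaotic_permutation(key, n):
    """Permutation of range(n) from a logistic map x <- r*x*(1-x) whose initial
    state is derived from SHA-256(key); only the key holder can regenerate it."""
    digest = hashlib.sha256(key).digest()
    x = 0.01 + 0.98 * (int.from_bytes(digest[:8], "big") / 2 ** 64)   # x0 in (0.01, 0.99)
    for _ in range(100):                                              # discard transient
        x = LOGISTIC_R * x * (1.0 - x)
    seq = []
    for _ in range(n):
        x = LOGISTIC_R * x * (1.0 - x)
        seq.append(x)
    return sorted(range(n), key=seq.__getitem__)


def register(vertices, logo_bits, key):
    """Zero-watermark = feature XOR scrambled logo; this is what gets lodged with
    a registry (IPFS/blockchain in the 3D-model scheme). The model is untouched."""
    perm = chaotic_permutation(key, len(logo_bits))
    scrambled = [logo_bits[p] for p in perm]
    return [f ^ s for f, s in zip(feature_bits(vertices), scrambled)]


def verify(vertices, zero_wm, key):
    """Recover the logo from a (possibly attacked) model plus the registered zero-watermark."""
    perm = chaotic_permutation(key, len(zero_wm))
    scrambled = [f ^ z for f, z in zip(feature_bits(vertices), zero_wm)]
    logo = [0] * len(zero_wm)
    for i, p in enumerate(perm):
        logo[p] = scrambled[i]
    return logo


def bit_error_rate(a, b):
    return sum(x != y for x, y in zip(a, b)) / len(a)


def bits_from_bytes(data):
    return [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]


# --- constructed sample data, not from any real dataset ---
def make_model(n=4096, seed=7):
    """Synthetic point cloud: a bowl-shaped surface with Gaussian roughness."""
    rng = random.Random(seed)
    pts = []
    for _ in range(n):
        x, y = rng.gauss(0, 1), rng.gauss(0, 1)
        pts.append((x, y, 0.3 * (x * x + y * y) + rng.gauss(0, 0.2)))
    return pts


def translate_and_scale(vertices, dx, dy, dz, s):
    return [((x + dx) * s, (y + dy) * s, (z + dz) * s) for x, y, z in vertices]


def add_noise(vertices, sigma, seed=11):
    rng = random.Random(seed)
    return [(x + rng.gauss(0, sigma), y + rng.gauss(0, sigma), z + rng.gauss(0, sigma))
            for x, y, z in vertices]


KEY = b"owner-secret-key"            # assumed owner key
LOGO = bits_from_bytes(b"(c) 2025")  # 64-bit copyright string, constructed


def demo():
    model = make_model()
    zwm = register(model, LOGO, KEY)
    return {
        "clean": bit_error_rate(verify(model, zwm, KEY), LOGO),
        "translate_scale": bit_error_rate(verify(translate_and_scale(model, 50, -20, 7, 3.5), zwm, KEY), LOGO),
        "noise": bit_error_rate(verify(add_noise(model, 1e-4), zwm, KEY), LOGO),
        "wrong_key": bit_error_rate(verify(model, zwm, b"not-the-owner"), LOGO),
    }


if __name__ == "__main__":
    for attack, ber in demo().items():
        print(f"{attack:16s} BER = {ber:.3f}")
```

Translation and uniform scaling leave the feature untouched because both the ordering and the skewness are invariant to them; small coordinate noise flips only the few group bits whose skewness sits near the median, so the recovered logo degrades gracefully rather than vanishing. A wrong key yields an unrelated permutation and therefore a wrong logo, which is the property that lets the zero-watermark be published without giving away the copyright bits.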
22 pages, 567 KiB  
Article
Machine Learning and Watermarking for Accurate Detection of AI-Generated Phishing Emails
by Adrian Brissett and Julie Wall
Electronics 2025, 14(13), 2611; https://doi.org/10.3390/electronics14132611 - 27 Jun 2025
Cited by 1 | Viewed by 1553
Abstract
Large Language Models offer transformative capabilities but also introduce growing cybersecurity risks, particularly through their use in generating realistic phishing emails. Detecting such content is critical; however, existing methods can be resource-intensive and slow to adapt. In this research, we present a dual-layered detection framework that combines supervised learning for accurate classification with unsupervised techniques to uncover emerging threats. In controlled testing environments, our approach demonstrates strong performance. Recognising that human users are often the weakest link in information security systems, we examine historical deception patterns and psychological principles commonly exploited in phishing attacks. We also explore watermarking as a complementary method for tracing AI-generated content. Together, these strategies offer a scalable, adaptive defence against increasingly sophisticated phishing attacks driven by Large Language Models. Full article
24 pages, 3955 KiB  
Article
IEWNet: Multi-Scale Robust Watermarking Network Against Infrared Image Enhancement Attacks
by Yu Bai, Li Li, Shanqing Zhang, Jianfeng Lu and Ting Luo
J. Imaging 2025, 11(5), 171; https://doi.org/10.3390/jimaging11050171 - 21 May 2025
Viewed by 611
Abstract
Infrared (IR) images record the temperature radiation distribution of the object being captured. The hue and color difference in the image reflect the caloric and temperature difference, respectively. However, due to the thermal diffusion effect, the target information in IR images can be relatively large and the objects’ boundaries are blurred. Therefore, IR images may undergo some image enhancement operations prior to use in relevant application scenarios. Furthermore, Infrared Enhancement (IRE) algorithms have a negative impact on the watermarking information embedded into the IR image in most cases. In this paper, we propose a novel multi-scale robust watermarking model under IRE attack, called IEWNet. This model trains a preprocessing module for extracting image features based on the conventional Undecimated Dual Tree Complex Wavelet Transform (UDTCWT). Furthermore, we consider developing a noise layer with a focus on four deep learning and eight classical attacks, and all of these attacks are based on IRE algorithms. Moreover, we add a noise layer or an enhancement module between the encoder and decoder according to the application scenarios. The results of the imperceptibility experiments on six public datasets prove that the Peak Signal to Noise Ratio (PSNR) is usually higher than 40 dB. The robustness of the algorithms is also better than the existing state-of-the-art image watermarking algorithms used in the performance evaluation comparison. Full article
(This article belongs to the Section Image and Video Processing)
23 pages, 6045 KiB  
Article
Deep Watermarking Based on Swin Transformer for Deep Model Protection
by Cheng-Hin Un and Ka-Cheng Choi
Appl. Sci. 2025, 15(10), 5250; https://doi.org/10.3390/app15105250 - 8 May 2025
Viewed by 697
Abstract
This study improves existing protection strategies for image processing models by embedding invisible watermarks into model outputs to verify the sources of images. Most current methods rely on CNN-based architectures, which are limited by their local perception capabilities and struggle to effectively capture global information. To address this, we introduce the Swin-UNet, originally designed for medical image segmentation tasks, into the watermark embedding process. The Swin Transformer’s ability to capture global information enhances the visual quality of the embedded image compared to CNN-based approaches. To defend against surrogate attacks, data augmentation techniques are incorporated into the training process, enhancing the watermark extractor’s robustness specifically against surrogate attacks. Experimental results show that the proposed watermarking approach reduces the impact of watermark embedding on visual quality. On a deraining task with color images, the average PSNR reaches 45.85 dB, while on a denoising task with grayscale images, the average PSNR reaches 56.60 dB. Additionally, watermarks extracted from surrogate attacks closely match those from the original framework, with an accuracy of 99% to 100%. These results confirm the Swin Transformer’s effectiveness in preserving visual quality. Full article
27 pages, 6725 KiB  
Article
SIR-DCGAN: An Attention-Guided Robust Watermarking Method for Remote Sensing Image Protection Using Deep Convolutional Generative Adversarial Networks
by Shaoliang Pan, Xiaojun Yin, Mingrui Ding and Pengshuai Liu
Electronics 2025, 14(9), 1853; https://doi.org/10.3390/electronics14091853 - 1 May 2025
Viewed by 912
Abstract
Ensuring the security of remote sensing images is essential to prevent unauthorized access, tampering, and misuse. Deep learning-based digital watermarking offers a promising solution by embedding imperceptible information to protect data integrity. This paper proposes SIR-DCGAN, an attention-guided robust watermarking method for remote sensing image protection. It incorporates an IR-FFM feature fusion module to enhance feature reuse across different layers and an SE-AM attention mechanism to emphasize critical watermark features. Additionally, a noise simulation sub-network is introduced to improve resistance against common and combined attacks. The proposed method achieves high imperceptibility and robustness while maintaining low computational cost. Extensive experiments on both remote sensing and natural image datasets validate its effectiveness, with performance consistently surpassing existing approaches. These results demonstrate the practicality and reliability of SIR-DCGAN for secure image distribution and copyright protection. Full article
36 pages, 21603 KiB  
Article
Forensic Joint Photographic Experts Group (JPEG) Watermarking for Disk Image Leak Attribution: An Adaptive Discrete Cosine Transform–Discrete Wavelet Transform (DCT-DWT) Approach
by Belinda I. Onyeashie, Petra Leimich, Sean McKeown and Gordon Russell
Electronics 2025, 14(9), 1800; https://doi.org/10.3390/electronics14091800 - 28 Apr 2025
Viewed by 1127
Abstract
This paper presents a novel forensic watermarking method for digital evidence distribution in non-cloud environments. The approach addresses the critical need for the secure sharing of Joint Photographic Experts Group (JPEG) images in forensic investigations. The method utilises an adaptive Discrete Cosine Transform–Discrete Wavelet Transform (DCT-DWT) domain technique to embed a 64-bit watermark in both stand-alone JPEGs and those within forensic disk images. This occurs without alterations to disk structure or complications to the chain of custody. The system implements uniform secure randomisation and recipient-specific watermarks to balance security with forensic workflow efficiency. This work presents the first implementation of forensic watermarking at the disk image level that preserves structural integrity and enables precise leak source attribution. It addresses a critical gap in secure evidence distribution methodologies. The evaluation occurred on extensive datasets: 1124 JPEGs in a forensic disk image, 10,000 each of BOSSBase 256 × 256 and 512 × 512 greyscale images, and 10,000 COCO2017 coloured images. The results demonstrate high imperceptibility with average Peak Signal-to-Noise Ratio (PSNR) values ranging from 46.13 dB to 49.37 dB across datasets. The method exhibits robust performance against geometric attacks with perfect watermark recovery (Bit Error Rate (BER) = 0) for rotations up to 90° and scaling factors between 0.6 and 1.5. The approach maintains compatibility with forensic tools like Forensic Toolkit FTK and Autopsy. It performs effectively under attacks including JPEG compression (QF ≥ 60), filtering, and noise addition. The technique achieves high feature match ratios between 0.684 and 0.690 for a threshold of 0.70, with efficient processing times (embedding: 0.0347 s to 0.1187 s; extraction: 0.0077 s to 0.0366 s). This watermarking technique improves forensic investigation processes, particularly those that involve sensitive JPEG files. It supports leak source attribution, preserves evidence integrity, and provides traceability throughout forensic procedures. Full article
(This article belongs to the Special Issue Advances in Cyber-Security and Machine Learning)
15 pages, 1990 KiB  
Article
Watermark and Trademark Prompts Boost Video Action Recognition in Visual-Language Models
by Longbin Jin, Hyuntaek Jung, Hyo Jin Jon and Eun Yi Kim
Mathematics 2025, 13(9), 1365; https://doi.org/10.3390/math13091365 - 22 Apr 2025
Viewed by 794
Abstract
Large-scale Visual-Language Models have demonstrated powerful adaptability in video recognition tasks. However, existing methods typically rely on fine-tuning or text prompt tuning. In this paper, we propose a visual-only prompting method that employs watermark and trademark prompts to bridge the distribution gap of spatial-temporal video data with Visual-Language Models. Our watermark prompts, designed by a trainable prompt generator, are customized for each video clip. Unlike conventional visual prompts that often exhibit noise signals, watermark prompts are intentionally designed to be imperceptible, ensuring they are not misinterpreted as an adversarial attack. The trademark prompts, bespoke for each video domain, establish the identity of specific video types. Integrating watermark prompts into video frames and prepending trademark prompts to per-frame embeddings significantly boosts the capability of the Visual-Language Model to understand video. Notably, our approach improves the adaptability of the CLIP model to various video action recognition datasets, achieving performance gains of 16.8%, 18.4%, and 13.8% on HMDB-51, UCF-101, and the egocentric dataset EPIC-Kitchen-100, respectively. Additionally, our visual-only prompting method demonstrates competitive performance compared with existing fine-tuning and adaptation methods while requiring fewer learnable parameters. Moreover, through extensive ablation studies, we find the optimal balance between imperceptibility and adaptability. Code will be made available. Full article
(This article belongs to the Special Issue Artificial Intelligence: Deep Learning and Computer Vision)
17 pages, 2690 KiB  
Article
Optimized Digital Watermarking for Robust Information Security in Embedded Systems
by Mohcin Mekhfioui, Nabil El Bazi, Oussama Laayati, Amal Satif, Marouan Bouchouirbat, Chaïmaâ Kissi, Tarik Boujiha and Ahmed Chebak
Information 2025, 16(4), 322; https://doi.org/10.3390/info16040322 - 18 Apr 2025
Cited by 1 | Viewed by 1351
Abstract
With the exponential growth in transactions and exchanges carried out via the Internet, the risks of the falsification and distortion of information are multiplying, encouraged by widespread access to the virtual world. In this context, digital image watermarking has emerged as an essential solution for protecting digital content by enhancing its durability and resistance to manipulation. However, no current digital watermarking technology offers complete protection against all forms of attack, with each method often limited to specific applications. This field has recently benefited from the integration of deep learning techniques, which have brought significant advances in information security. This article explores the implementation of digital watermarking in embedded systems, addressing the challenges posed by resource constraints such as memory, computing power, and energy consumption. We propose optimization techniques, including frequency domain methods and the use of lightweight deep learning models, to enhance the robustness and resilience of embedded systems. The experimental results validate the effectiveness of these approaches for enhanced image protection, opening new prospects for the development of information security technologies adapted to embedded environments. Full article
(This article belongs to the Special Issue Digital Privacy and Security, 2nd Edition)
11 pages, 10823 KiB  
Article
Spread Spectrum Image Watermarking Through Latent Diffusion Model
by Hongfei Wu, Xiaodan Lin and Gewei Tan
Entropy 2025, 27(4), 428; https://doi.org/10.3390/e27040428 - 15 Apr 2025
Viewed by 1383
Abstract
The rapid development of diffusion models in image generation and processing has led to significant security concerns. Diffusion models are capable of producing highly realistic images that are indistinguishable from real ones. Although deploying a watermarking system can be a countermeasure to verify the ownership or the origin of images, the regeneration attacks arising from diffusion models can easily remove the embedded watermark from the images, without compromising their perceptual quality. Previous watermarking methods that hide watermark information in the carrier image are vulnerable to these newly emergent attacks. To address these challenges, we propose a robust and traceable watermark framework based on the latent diffusion model, where the spread-spectrum watermark is coupled with the diffusion noise to ensure its security and imperceptibility. Since the diffusion model is trained to reduce information entropy from disordered data to restore its true distribution, the transparency of the hidden watermark is guaranteed. Benefiting from the spread spectrum strategy, the decoder structure is no longer needed for watermark extraction, greatly alleviating the training overhead. Additionally, the robustness and transparency are easily controlled by a strength factor, whose operating range is studied in this work. Experimental results demonstrate that our method performs not only against common attacks, but also against regeneration attacks and semantic-based image editing. Full article
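
Two entries in this listing turn on the same embedding primitive: the forensic DCT-DWT scheme above embeds a recipient-specific 64-bit watermark so a leaked copy can be attributed to its recipient, and the spread-spectrum scheme here relies on the fact that a spread-spectrum watermark is read back by correlating with the key-derived chip sequences, so no trained decoder is needed and a single strength factor sets the robustness/transparency trade-off. The example below is added here and is not code from either paper. It embeds a 64-bit recipient ID into a coefficient vector by additive spread spectrum, extracts it blind by correlation, and attributes the copy by nearest registered ID in Hamming distance. The host is a constructed Gaussian vector standing in for transform or latent coefficients (no DCT/DWT or diffusion model is implemented), and the key, recipient registry, strength factor and attribution threshold are assumptions.

```python
"""Blind additive spread-spectrum watermarking of a coefficient vector with a
recipient-specific 64-bit ID, plus leak attribution against a recipient registry.

Added illustration, not code from either listed paper. Host, keys, registry and
thresholds are constructed for the demo.
"""
import functools
import hashlib
import random

N_COEFF = 16384   # host length (stand-in for latent or DCT/DWT coefficients)
N_BITS = 64       # payload: one recipient ID
ALPHA = 0.06      # strength factor: higher = more robust, more visible (assumed)


@functools.lru_cache(maxsize=None)
def pn_sequences(key, n_bits=N_BITS, n=N_COEFF):
    """One +/-1 chip sequence per payload bit, derived from SHA-256(key)."""
    rng = random.Random(int.from_bytes(hashlib.sha256(key).digest()[:8], "big"))
    return [[1 if rng.getrandbits(1) else -1 for _ in range(n)] for _ in range(n_bits)]


def embed(host, bits, key, alpha=ALPHA):
    """y = x + alpha * sum_i (2*b_i - 1) * p_i : every bit is spread over the whole host."""
    pn = pn_sequences(key, len(bits), len(host))
    y = list(host)
    for b, p in zip(bits, pn):
        s = alpha * (1 if b else -1)
        for k in range(len(host)):
            y[k] += s * p[k]
    return y


def extract(signal, key, n_bits=N_BITS):
    """Blind correlation detector: sign of <y, p_i> decides bit i. No trained decoder,
    and no access to the original host is needed."""
    pn = pn_sequences(key, n_bits, len(signal))
    return [1 if sum(v * c for v, c in zip(signal, p)) > 0 else 0 for p in pn]


def recipient_id(name):
    """64-bit recipient ID taken from a hash of the recipient name (constructed registry)."""
    h = hashlib.sha256(name.encode()).digest()[:8]
    return [(byte >> (7 - k)) & 1 for byte in h for k in range(8)]


def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))


def attribute(extracted, registry, max_errors=12):
    """Nearest registered ID in Hamming distance; None when even the nearest ID is
    more than max_errors bits away (unregistered copy, wrong key, or destroyed mark).
    Random 64-bit IDs sit ~32 bits apart, so a 12-bit tolerance leaves a wide gap."""
    best = min(registry, key=lambda name: hamming(extracted, registry[name]))
    d = hamming(extracted, registry[best])
    return (best, d) if d <= max_errors else (None, d)


def mse(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) / len(a)


RECIPIENTS = {n: recipient_id(n) for n in ("alice", "bob", "carol", "dave")}
KEY = b"case-1234-embedding-key"      # assumed, held by the evidence custodian


def make_host(n=N_COEFF, seed=3):
    rng = random.Random(seed)
    return [rng.gauss(0.0, 1.0) for _ in range(n)]


def add_noise(signal, sigma, seed=5):
    rng = random.Random(seed)
    return [v + rng.gauss(0.0, sigma) for v in signal]


def demo():
    host = make_host()
    leaked = embed(host, RECIPIENTS["bob"], KEY)          # the copy handed to bob
    results = {"distortion_mse": mse(host, leaked)}        # ~ ALPHA^2 * N_BITS
    for label, sig in (("clean", leaked), ("noise_0.3", add_noise(leaked, 0.3))):
        results[label] = attribute(extract(sig, KEY), RECIPIENTS)
    results["wrong_key"] = attribute(extract(leaked, b"other-key"), RECIPIENTS)
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:16s} {v}")
```

The detector's margin is roughly alpha*N against a disturbance of order sqrt(N) from the host plus the noise, so for a fixed host length the strength factor alone moves the operating point: lowering alpha lowers the embedding MSE (about alpha squared times the payload length) and shrinks the margin against noise in the same step, which is the range the spread-spectrum paper studies. Attribution by nearest ID tolerates a handful of bit errors without a separate error-correcting code, because independent 64-bit IDs are far apart; the wrong-key case shows the correlations collapsing to noise and the registry returning no match rather than a false accusation.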
(This article belongs to the Section Signal and Data Analysis)
14 pages, 1442 KiB  
Article
RoSe-Mix: Robust and Secure Deep Neural Network Watermarking in Black-Box Settings via Image Mixup
by Tamara El Hajjar, Mohammed Lansari, Reda Bellafqira, Gouenou Coatrieux, Katarzyna Kapusta and Kassem Kallas
Mach. Learn. Knowl. Extr. 2025, 7(2), 32; https://doi.org/10.3390/make7020032 - 30 Mar 2025
Cited by 1 | Viewed by 2461
Abstract
Due to their considerable costs, deep neural networks (DNNs) are valuable assets that need to be protected in terms of intellectual property (IP). From this statement, DNN watermarking gains significant interest since it allows DNN owners to prove their ownership. Various methods that embed ownership information in the model behavior have been proposed. They need to fill several requirements, among them the security, which represents an attacker’s difficulty in breaking the watermarking scheme. There is also the robustness requirement, which quantifies the resistance against watermark removal techniques. The problem is that the proposed methods generally fail to meet these necessary standards. This paper presents RoSe-Mix, a robust and secure deep neural network watermarking technique designed for black-box settings. It addresses limitations in existing DNN watermarking approaches by integrating key features from two established methods: RoSe, which uses cryptographic hashing to ensure security, and Mixer, which employs image Mixup to enhance robustness. Experimental results demonstrate that RoSe-Mix achieves security across various architectures and datasets with a robustness to removal attacks exceeding 99%. Full article
(This article belongs to the Section Privacy)
21 pages, 11655 KiB  
Article
A Novel Deep Learning Zero-Watermark Method for Interior Design Protection Based on Image Fusion
by Yiran Peng, Qingqing Hu, Jing Xu, KinTak U and Junming Chen
Mathematics 2025, 13(6), 947; https://doi.org/10.3390/math13060947 - 13 Mar 2025
Viewed by 754
Abstract
Interior design, which integrates art and science, is vulnerable to infringements such as copying and tampering. The unique and often intricate nature of these designs makes them vulnerable to unauthorized replication and misuse, posing significant challenges for designers seeking to protect their intellectual property. To solve the above problems, we propose a deep learning-based zero-watermark copyright protection method. The method aims to embed undetectable and unique copyright information through image fusion technology without destroying the interior design image. Specifically, the method fuses the interior design and a watermark image through deep learning to generate a highly robust zero-watermark image. This study also proposes a zero-watermark verification network with U-Net to verify the validity of the watermark and extract the copyright information efficiently. This network can accurately restore watermark information from protected interior design images, thus effectively proving the copyright ownership of the work and the copyright ownership of the interior design. According to verification on an experimental dataset, the zero-watermark copyright protection method proposed in this study is robust against various image-oriented attacks. It avoids the problem of image quality loss that traditional watermarking techniques may cause. Therefore, this method can provide a strong means of copyright protection in the field of interior design. Full article
(This article belongs to the Special Issue Mathematics Methods in Image Processing and Computer Vision)
26 pages, 1108 KiB  
Article
PK-Judge: Enhancing IP Protection of Neural Network Models Using an Asymmetric Approach
by Wafaa Kanakri and Brian King
Big Data Cogn. Comput. 2025, 9(3), 66; https://doi.org/10.3390/bdcc9030066 - 11 Mar 2025
Cited by 1 | Viewed by 1172
Abstract
This paper introduces PK-Judge, a novel neural network watermarking framework designed to enhance intellectual property (IP) protection by incorporating an asymmetric cryptographic approach in the verification process. Inspired by the paradigm shift from HTTP to HTTPS in enhancing web security, this work integrates public key infrastructure (PKI) principles to establish a secure and verifiable watermarking system. Unlike symmetric approaches, PK-Judge employs a public key infrastructure (PKI) to decouple ownership validation from the extraction process, significantly increasing its resilience against adversarial attacks. Additionally, it incorporates a robust challenge-response mechanism to mitigate replay attacks and leverages error correction codes (ECC) to achieve an Effective Bit Error Rate (EBER) of zero, ensuring watermark integrity even under conditions such as fine-tuning, pruning, and overwriting. Furthermore, PK-Judge introduces a new requirement based on the principle of separation of privilege, setting a foundation for secure and scalable watermarking mechanisms in machine learning. By addressing these critical challenges, PK-Judge advances the state-of-the-art in neural network IP protection and integrity, paving the way for trust-based AI technologies that prioritize security and verifiability. Full article
(This article belongs to the Special Issue Security, Privacy, and Trust in Artificial Intelligence Applications)