The commercialization of deep learning creates a compelling need for intellectual property (IP) protection. Deep neural network (DNN) watermarking has been proposed as a promising tool to help model owners prove ownership and fight piracy. A popular approach of watermarking is to train a DNN to recognize images with certain \textit{trigger} patterns. In this paper, we propose a novel evolutionary algorithm-based method to generate and optimize trigger patterns. Our method brings a siginificant reduction in false positive rates, leading to compelling proof of ownership. At the same time, it maintains the robustness of the watermark against attacks. We compare our method with the prior art and demonstrate its effectiveness on popular models and datasets.

翻译：深层学习的商业化产生了对知识产权保护的迫切需求。深神经网络(DNN)的水标识被提议为帮助模型拥有者证明所有权和打击盗版行为的一个很有希望的工具。一种流行的水标识方法是培训DNN,以某些textit{trigger}模式识别图像。在本文中,我们提出了一种新的基于进化算法的生成和优化触发模式的新方法。我们的方法导致假正率的大幅下降,导致令人信服的所有权证明。与此同时,它保持水标识的稳健性,以抵御袭击。我们将我们的方法与以前的艺术进行比较,并展示其在流行模型和数据集上的有效性。