This paper introduces EmMark, a novel watermarking framework for protecting the intellectual property (IP) of embedded large language models deployed on resource-constrained edge devices. To address the IP theft risks posed by malicious end-users, EmMark enables proprietors to authenticate ownership by querying the watermarked model weights and matching the inserted signatures. EmMark's novelty lies in its strategic selection of watermark weight parameters, ensuring robustness and maintaining model quality. Extensive proof-of-concept evaluations of models from the OPT and LLaMA-2 families demonstrate EmMark's fidelity, achieving 100% success in watermark extraction with model performance preservation. EmMark also showcased its resilience against watermark removal and forging attacks.