EncryIP: A Practical Encryption-Based Framework for Model Intellectual Property Protection

Authors

  • Xin Mu, Peng Cheng Laboratory
  • Yu Wang, Peng Cheng Laboratory
  • Zhengan Huang, Peng Cheng Laboratory
  • Junzuo Lai, Jinan University
  • Yehong Zhang, Peng Cheng Laboratory
  • Hui Wang, Peng Cheng Laboratory
  • Yue Yu, Peng Cheng Laboratory

DOI:

https://doi.org/10.1609/aaai.v38i19.30140

Keywords:

General

Abstract

In the rapidly growing digital economy, protecting intellectual property (IP) associated with digital products has become increasingly important. Within this context, machine learning (ML) models, being highly valuable digital assets, have gained significant attention for IP protection. This paper introduces a practical encryption-based framework called EncryIP, which seamlessly integrates a public-key encryption scheme into the model learning process. This approach enables the protected model to generate randomized and confused labels, ensuring that only individuals with accurate secret keys, signifying authorized users, can decrypt and reveal authentic labels. Importantly, the proposed framework not only facilitates distributing the protected model to multiple authorized users without requiring repetitive training of the original ML model with IP protection methods but also maintains the model's performance without compromising its accuracy. Compared to existing methods like watermark-based, trigger-based, and passport-based approaches, EncryIP demonstrates superior effectiveness in both training protected models and efficiently detecting the unauthorized spread of ML models.

Published

2024-03-24

How to Cite

Mu, X., Wang, Y., Huang, Z., Lai, J., Zhang, Y., Wang, H., & Yu, Y. (2024). EncryIP: A Practical Encryption-Based Framework for Model Intellectual Property Protection. Proceedings of the AAAI Conference on Artificial Intelligence, 38(19), 21438-21445. https://doi.org/10.1609/aaai.v38i19.30140

Issue

Section

AAAI Technical Track on Safe, Robust and Responsible AI Track