Robust Watermarking on Gradient Boosting Decision Trees

Authors

  • Jun Woo Chung Rochester Institute of Technology
  • Yingjie Lao Tufts University
  • Weijie Zhao Rochester Institute of Technology

DOI:

https://doi.org/10.1609/aaai.v40i25.39199

Abstract

Gradient Boosting Decision Trees (GBDTs) are widely used in industry and academia for their high accuracy and efficiency, particularly on structured data. However, the subject of watermarking GBDT models remains underexplored, especially compared to neural networks. In this work, we present the first robust watermarking framework tailored to GBDT models, utilizing in-place fine-tuning to embed imperceptible and resilient watermarks. We propose four embedding strategies, each designed to minimize impact on model accuracy while ensuring watermark robustness. Through experiments across diverse datasets, we demonstrate that our methods achieve high watermark embedding rates, low accuracy degradation, and strong resistance to post-deployment fine-tuning.
AAAI-26 / IAAI-26 / EAAI-26 Proceedings Cover

Downloads

Published

2026-03-14

How to Cite

Chung, J. W., Lao, Y., & Zhao, W. (2026). Robust Watermarking on Gradient Boosting Decision Trees. Proceedings of the AAAI Conference on Artificial Intelligence, 40(25), 20624–20633. https://doi.org/10.1609/aaai.v40i25.39199

Issue

Vol. 40 No. 25: AAAI-26 Technical Tracks 25

Section

AAAI Technical Track on Machine Learning II