Previous work has validated that text generation APIs can be stolen through imitation attacks, causing IP violations. To protect the IP of text generation APIs, recent work introduced a watermarking algorithm and used a null-hypothesis test as a post-hoc ownership verification on the imitation models. However, we find that such watermarks can be detected via sufficient statistics of the frequencies of candidate watermarking words. To address this drawback, in this paper we propose a novel Conditional wATERmarking framework (CATER) for protecting the IP of text generation APIs. An optimization method is proposed to decide the watermarking rules that minimize the distortion of overall word distributions while maximizing the change of conditional word selections. Theoretically, we prove that it is infeasible for even the savviest attacker (one who knows how CATER works) to reveal the used watermarks from a large pool of potential word pairs based on statistical inspection. Empirically, we observe that high-order conditions lead to an exponential growth of suspicious (unused) watermarks, making our crafted watermarks more stealthy. In addition, CATER can effectively identify IP infringement under architectural mismatch and cross-domain imitation attacks, with negligible impairment to the generation quality of victim APIs. We envision our work as a milestone for stealthily protecting the IP of text generation APIs.
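To make the abstract's central distinction concrete, the following is an added toy simulation; it is not the paper's CATER implementation and not code from the authors. It models each token as a (condition, word) pair and contrasts an unconditional substitution rule, whose shift in the marginal frequency of the candidate word pair is visible to an attacker counting words, with a context-conditioned rule that leaves the marginal unchanged while the owner can still verify the conditional selections. The corpus, the conditions `c1`/`c2`, the word pair `("big", "large")` and the equal base rates are all constructed assumptions for the illustration, and the one-proportion z statistic stands in for the paper's null-hypothesis test.

```python
"""Toy illustration: why a context-conditioned lexical watermark is harder to
spot from overall word frequencies than an unconditional one.

Added example, NOT the CATER algorithm from the paper.  The corpus, the two
conditions and the substitution rules are constructed for the illustration.
A token is modelled as (condition, word); the condition plays the role of the
linguistic context on which a watermarking rule may depend.
"""
from math import sqrt

# Constructed corpus: ("big", "large") is the candidate watermark pair.  Both
# conditions are equally frequent, and under each condition the API emits
# "big" or "large" half of the time; "house" is filler outside the pair.
CORPUS = [("c1", "big"), ("c1", "large"), ("c1", "house"),
          ("c2", "big"), ("c2", "large"), ("c2", "house")] * 50

PAIR = ("big", "large")


def unconditional_watermark(tokens, target="large"):
    """Naive rule: always emit `target` for any pair word, regardless of context."""
    return [(c, target if w in PAIR else w) for c, w in tokens]


def conditional_watermark(tokens, rules):
    """Context rule: under condition c emit rules[c] for any pair word."""
    return [(c, rules[c] if (w in PAIR and c in rules) else w) for c, w in tokens]


def marginal_freq(tokens, word):
    """P(word | word in PAIR): the statistic an attacker gets from overall counts."""
    n_pair = sum(1 for _, w in tokens if w in PAIR)
    return sum(1 for _, w in tokens if w == word) / n_pair


def conditional_freq(tokens, cond, word):
    """P(word | cond, word in PAIR): the statistic the owner checks at verification."""
    in_cond = [w for c, w in tokens if c == cond and w in PAIR]
    return sum(1 for w in in_cond if w == word) / len(in_cond)


def z_score(observed_rate, null_rate, n):
    """One-proportion z statistic for H0: rate == null_rate over n pair occurrences."""
    se = sqrt(null_rate * (1 - null_rate) / n)
    return (observed_rate - null_rate) / se


def run_demo():
    """Return the attacker's and the owner's statistics for both rule types."""
    n_pair = sum(1 for _, w in CORPUS if w in PAIR)
    base = marginal_freq(CORPUS, "large")            # 0.5 in the constructed corpus

    uncond = unconditional_watermark(CORPUS)
    cond = conditional_watermark(CORPUS, {"c1": "large", "c2": "big"})

    return {
        "base_marginal": base,
        # attacker's view: marginal frequency of "large" among pair words
        "uncond_marginal": marginal_freq(uncond, "large"),
        "cond_marginal": marginal_freq(cond, "large"),
        "uncond_marginal_z": z_score(marginal_freq(uncond, "large"), base, n_pair),
        "cond_marginal_z": z_score(marginal_freq(cond, "large"), base, n_pair),
        # owner's view: conditional selection rates under each condition
        "cond_c1": conditional_freq(cond, "c1", "large"),
        "cond_c2": conditional_freq(cond, "c2", "large"),
        "cond_c1_z": z_score(conditional_freq(cond, "c1", "large"), 0.5, n_pair // 2),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key:>20}: {value:.3f}")
```

In the constructed corpus the unconditional rule pushes the marginal rate of "large" from 0.5 to 1.0 (a z statistic above 14 against the original distribution), whereas the conditional rule keeps the marginal at exactly 0.5 (z of 0) while moving the rate under `c1` to 1.0 and under `c2` to 0.0, which the owner can test with the same z statistic restricted to one condition. This is the marginal-versus-conditional trade-off the abstract describes; the real framework optimizes the rules over many word pairs and conditions rather than fixing them by hand as here.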
Author Information
Xuanli He (Monash University)
Qiongkai Xu (University of Melbourne)
Yi Zeng (Virginia Tech)

Yi Zeng is a second-year Ph.D. student in Computer Engineering at Virginia Tech. He earned his M.S. in Electronic and Computer Engineering, Machine Learning & Data Science from the University of California, San Diego, and his B.S. in Electronic and Information Engineering from Xidian University. His research interests include trustworthy machine learning, artificial intelligence security, and the reliable data market for machine learning. He has a great passion for bringing more trustworthy and responsible artificial intelligence into reality. He received the best paper award at the International Conference on Algorithms and Architectures for Parallel Processing (ICA3PP), 2020. He currently has over twenty publications in top-tier peer-reviewed journals (e.g., IEEE TII, IEEE TC, IEEE Access) and conferences (e.g., ICLR, NeurIPS, ICCV, IJCAI, AsiaCCS) to his name.
Lingjuan Lyu (Sony AI)
Fangzhao Wu
Jiwei Li (Shannon.AI)
Ruoxi Jia (Virginia Tech)
More from the Same Authors
- 2021: Magic Pyramid: Accelerating Inference with Early Exiting and Token Pruning
  Xuanli He · Iman Keivanloo · Yi Xu · Xiang He · Belinda Zeng · Santosh Rajagopalan · Trishul Chilimbi
- 2022 Poster: CalFAT: Calibrated Federated Adversarial Training with Label Skewness
  Chen Chen · Yuchen Liu · Xingjun Ma · Lingjuan Lyu
- 2022: MocoSFL: enabling cross-client collaborative self-supervised learning
  Jingtao Li · Lingjuan Lyu · Daisuke Iso · Chaitali Chakrabarti · Michael Spranger
- 2023 Poster: Towards Personalized Federated Learning via Heterogeneous Model Reassembly
  Jiaqi Wang · Xingyi Yang · Suhan Cui · Liwei Che · Lingjuan Lyu · Dongkuan (DK) Xu · Fenglong Ma
- 2023 Poster: Performance Scaling via Optimal Transport: Enabling Data Selection from Partially Revealed Sources
  Feiyang Kang · Hoang Anh Just · Anit Kumar Sahu · Ruoxi Jia
- 2023 Poster: Is Heterogeneity Notorious? Taming Heterogeneity to Handle Test-Time Shift in Federated Learning
  Yue Tan · Chen Chen · Weiming Zhuang · Xin Dong · Lingjuan Lyu · Guodong Long
- 2023 Poster: Where Did I Come From? Origin Attribution of AI-Generated Images
  Zhenting Wang · Chen Chen · Yi Zeng · Lingjuan Lyu · Shiqing Ma
- 2023 Poster: Privacy Assessment on Reconstructed Images: Are Existing Evaluation Metrics Faithful to Human Perception?
  Xiaoxiao Sun · Nidham Gazagnadou · Vivek Sharma · Lingjuan Lyu · Hongdong Li · Liang Zheng
- 2023 Poster: A Randomized Approach for Tight Privacy Accounting
  Jiachen T. Wang · Saeed Mahloujifar · Tong Wu · Ruoxi Jia · Prateek Mittal
- 2023 Poster: A Privacy-Friendly Approach to Data Valuation
  Jiachen T. Wang · Yuqing Zhu · Yu-Xiang Wang · Ruoxi Jia · Prateek Mittal
- 2023 Poster: UltraRE: Enhancing RecEraser for Recommendation Unlearning via Error Decomposition
  Yuyuan Li · Chaochao Chen · Yizhao Zhang · Weiming Liu · Lingjuan Lyu · Xiaolin Zheng · Dan Meng · Jun Wang
- 2022 Poster: Prompt Certified Machine Unlearning with Randomized Gradient Smoothing and Quantization
  Zijie Zhang · Yang Zhou · Xin Zhao · Tianshi Che · Lingjuan Lyu
- 2022 Poster: FairVFL: A Fair Vertical Federated Learning Framework with Contrastive Adversarial Learning
  Tao Qi · Fangzhao Wu · Chuhan Wu · Lingjuan Lyu · Tong Xu · Hao Liao · Zhongliang Yang · Yongfeng Huang · Xing Xie
- 2022 Poster: DENSE: Data-Free One-Shot Federated Learning
  Jie Zhang · Chen Chen · Bo Li · Lingjuan Lyu · Shuang Wu · Shouhong Ding · Chunhua Shen · Chao Wu
- 2022 Poster: Renyi Differential Privacy of Propose-Test-Release and Applications to Private and Robust Machine Learning
  Jiachen T. Wang · Saeed Mahloujifar · Shouda Wang · Ruoxi Jia · Prateek Mittal
- 2022 Poster: Outsourcing Training without Uploading Data via Efficient Collaborative Open-Source Sampling
  Junyuan Hong · Lingjuan Lyu · Jiayu Zhou · Michael Spranger
- 2021 Poster: Gradient Driven Rewards to Guarantee Fairness in Collaborative Machine Learning
  Xinyi Xu · Lingjuan Lyu · Xingjun Ma · Chenglin Miao · Chuan Sheng Foo · Bryan Kian Hsiang Low
- 2021 Poster: Anti-Backdoor Learning: Training Clean Models on Poisoned Data
  Yige Li · Xixiang Lyu · Nodens Koren · Lingjuan Lyu · Bo Li · Xingjun Ma
- 2021 Poster: Exploiting Data Sparsity in Secure Cross-Platform Social Recommendation
  Jinming Cui · Chaochao Chen · Lingjuan Lyu · Carl Yang · Wang Li
- 2020 Poster: SAC: Accelerating and Structuring Self-Attention via Sparse Adaptive Connection
  Xiaoya Li · Yuxian Meng · Mingxin Zhou · Qinghong Han · Fei Wu · Jiwei Li
- 2019 Poster: Glyce: Glyph-vectors for Chinese Character Representations
  Yuxian Meng · Wei Wu · Fei Wang · Xiaoya Li · Ping Nie · Fan Yin · Muyu Li · Qinghong Han · Yuxian Meng · Jiwei Li