ROMark: A Robust Watermarking System Using Adversarial Training

TL;DR

This paper introduces ROMark, a CNN-based digital watermarking system enhanced with adversarial training to improve robustness against image-processing attacks, demonstrating effectiveness on the COCO dataset.

Contribution

It applies robust optimization from adversarial machine learning to strengthen watermarking robustness, a novel integration in digital watermarking frameworks.

Findings

Robust optimization improves watermark robustness against attacks.

The system performs well on the COCO dataset.

Adversarial training enhances imperceptibility and resilience.

Abstract

The availability and easy access to digital communication increase the risk of copyrighted material piracy. In order to detect illegal use or distribution of data, digital watermarking has been proposed as a suitable tool. It protects the copyright of digital content by embedding imperceptible information into the data in the presence of an adversary. The goal of the adversary is to remove the copyrighted content of the data. Therefore, an efficient watermarking framework must be robust to multiple image-processing operations known as attacks that can alter embedded copyright information. Another line of research \textit{adversarial machine learning} also tackles with similar problems to guarantee robustness to imperceptible perturbations of the input. In this work, we propose to apply robust optimization from adversarial machine learning to improve the robustness of a CNN-based watermarking framework. Our experimental results on the COCO dataset show that the robustness of a watermarking framework can be improved by utilizing robust optimization in training.