When Federated Learning meets Watermarking: A Comprehensive Overview of Techniques for Intellectual Property Protection

TL;DR

This paper reviews recent advancements in watermarking techniques tailored for Federated Learning, highlighting challenges and opportunities in protecting intellectual property without compromising privacy.

Contribution

It provides a comprehensive overview of federated learning watermarking methods, emphasizing the unique constraints and recent progress in the field.

Findings

Most watermarking methods are centralized, with few designed specifically for FL.

Recent advancements address FL-specific challenges in watermarking.

Opportunities exist for developing more robust FL watermarking techniques.

Abstract

Federated Learning (FL) is a technique that allows multiple participants to collaboratively train a Deep Neural Network (DNN) without the need of centralizing their data. Among other advantages, it comes with privacy-preserving properties making it attractive for application in sensitive contexts, such as health care or the military. Although the data are not explicitly exchanged, the training procedure requires sharing information about participants' models. This makes the individual models vulnerable to theft or unauthorized distribution by malicious actors. To address the issue of ownership rights protection in the context of Machine Learning (ML), DNN Watermarking methods have been developed during the last five years. Most existing works have focused on watermarking in a centralized manner, but only a few methods have been designed for FL and its unique constraints. In this paper, we provide an overview of recent advancements in Federated Learning watermarking, shedding light on the new challenges and opportunities that arise in this field.