Agentic Copyright Watermarking against Adversarial Evidence Forgery with Purification-Agnostic Curriculum Proxy Learning

TL;DR

This paper introduces a novel watermarking protocol for AI models that resists adversarial evidence forgery by using purification-agnostic curriculum proxy learning, enhancing ownership verification robustness.

Contribution

It proposes a new watermarking method with a self-authenticating protocol, studies adversarial forgery attacks, and develops a purification-agnostic learning approach to improve watermark security and model performance.

Findings

Effective defense against adversarial evidence forgery attacks.

Improved robustness and reliability of watermarked models.

Enhanced model performance with the proposed learning method.

Abstract

With the proliferation of AI agents in various domains, protecting the ownership of AI models has become crucial due to the significant investment in their development. Unauthorized use and illegal distribution of these models pose serious threats to intellectual property, necessitating effective copyright protection measures. Model watermarking has emerged as a key technique to address this issue, embedding ownership information within models to assert rightful ownership during copyright disputes. This paper presents several contributions to model watermarking: a self-authenticating black-box watermarking protocol using hash techniques, a study on evidence forgery attacks using adversarial perturbations, a proposed defense involving a purification step to counter adversarial attacks, and a purification-agnostic curriculum proxy learning method to enhance watermark robustness and model performance. Experimental results demonstrate the effectiveness of these approaches in improving the security, reliability, and performance of watermarked models.