TL;DR
This paper introduces W-IR, a novel watermarking framework that enhances robustness against attacks and mitigates identity leakage by combining randomized smoothing and residual information loss strategies.
Contribution
It presents the first framework to simultaneously address robustness and identity leakage in image watermarking, with a new randomized smoothing technique and residual information loss method.
Findings
W-IR achieves high certified accuracy in authenticity verification.
The framework effectively reduces identity leakage in watermarked images.
Experimental results demonstrate a superior balance between robustness and privacy protection.
Abstract
The rapid advancement of generative AI has underscored the critical need for identifying image ownership and protecting copyrights. This makes post-processing image watermarking an essential tool -- it involves embedding a specific watermark message into an image, with successful verification if a similar message can be decoded from the watermarked image. However, this method is susceptible to both adversarial attacks that manipulate the watermarked image to yield an unverified message upon decoding, and the proposed identity leakage-related attacks (e.g., forging watermarked images). The threat of identity leakage is particularly exacerbated in both empirical and certified robust watermarking methods. To defend against the aforementioned attacks, we propose W-IR, the first image watermarking framework that simultaneously incorporates identity protection and robustness. To enhance model…
