Concetti Chiave
Backdoor watermarks in EaaS embeddings can be breached, leading to the development of WARDEN for enhanced protection.
Sintesi
EaaS offers feature extraction for NLP tasks.
Concerns about model extraction attacks in EaaS.
Introduction of backdoor watermarks for copyright protection.
CSE attack removes backdoor watermarks.
WARDEN defense increases protection against CSE.
Experiments on different datasets to evaluate effectiveness.
Statistiche
EaaS는 NLP 작업을 위한 기능 추출을 제공합니다.
모델 추출 공격에 대한 우려가 있습니다.
백도어 워터마크가 저작권 보호를 위해 도입되었습니다.
CSE 공격은 백도어 워터마크를 제거합니다.
WARDEN 방어는 CSE에 대한 보호 강화를 증가시킵니다.
Citazioni
"Through the analysis of the recent watermarking strategy for EaaS, EmbMarker, we design a novel CSE (Clustering, Selection, Elimination) attack that removes the backdoor watermark while maintaining the high utility of embeddings."
"Our defense approach, WARDEN, notably increases the stealthiness of watermarks and empirically has been shown effective against CSE attack."