Steganographic Passport: A Robust Ownership and License Verification Mechanism for Deep Learning Models
The proposed Steganographic Passport enables both the owner's model ownership and the user's license-to-use to be verified without requiring model retraining. It uses an invertible steganographic network to hide the user's identity in the owner's passport, and an activation-level obfuscation to safeguard the verification branch against advanced ambiguity attacks.