Here's an ongoing list to summarize literature about copyright protection in deep learning, including the copyright of models and data.
And we would greatly appreciate your contributions to expand this list! ✧٩(^ω^)و✧
| Year | Title | Copyright Subject | Task Type | Method | Authors | Publisher | 🔗 |
|---|---|---|---|---|---|---|---|
| 2019 | BlackMarks: Blackbox Multibit Watermarking for Deep Neural Networks | Model | Image Encoding | Watermarking | Huili Chen, Bita Darvish Rouhani, and Farinaz Koushanfar | ArXiv | |
| 2020 | Membership Encoding for Deep Learning | Model | Classification | Membership Inference | Congzheng Song, and Reza Shokri | AsiaCCS | |
| 2020 | Towards Probabilistic Verification of Machine Unlearning | Data | Classification | Dirty-label Backdoor Attack | David M. Sommer, Liwei Song, Sameer Wagh, and Prateek Mittal | ArXiv | |
| 2021 | Deep Neural Network Fingerprinting by Conferrable Adversarial Examples | Model | Classification | Adversarial Training; Transfer Learning | Nils Lukas, Yuxuan Zhang, and Florian Kerschbaum | ICLR | pdf & code |
| 2022 | Defending against Model Stealing via Verifying Embedded External Features | Model | Classification | Dirty-label Backdoor Attack; Hypothesis Testing | Li Yiming, Zhu Linghui, Jia Xiaojun, Jiang Yong, Xia Shu-Tao, and Cao Xiaochun | AAAI | pdf & code |
| 2022 | Your Model Trains on My Data? Protecting Intellectual Property of Training Data via Membership Fingerprint Authentication | Model & Data | Classification | Membership Inference | Gaoyang Liu, Tianlong Xu, Xiaoqiang Ma, and Chen Wang | TIFS | |
| 2022 | Deep Model Intellectual Property Protection via Deep Watermarking | Model | Classification | Watermarking; Steganography | Jie Zhang, Dongdong Chen, Jing Liao, Weiming Zhang, Huamin Feng, Gang Hua, and Nenghai Yu | TPAMI | pdf & code |
| 2022 | Data Isotopes for Data Provenance in DNNs | Data | Classification | Watermarking | Emily Wenger, Xiuyu Li, Ben Y. Zhao, and Vitaly Shmatikov | Arxiv | |
| 2022 | Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models | Model | Classification | Testing | Jialuo Chen, Jingyi Wang, Tinglan Peng, Youcheng Sun, Peng Cheng, Shouling Ji, Xingjun Ma, Bo Li, and Dawn Song | S&P | pdf & code |
| 2022 | Non-Transferable Learning: A New Approach for Model Ownership Verification and Applicability Authorization | Model | Classification | Adversarial Training; Domain Shift; | Lixu Wang, Shichao Xu, Ruiqi Xu, Xiao Wang, and Qi Zhu | ICLR | pdf & code |
| 2022 | Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection | Dataset | Classification | Dirty-&Clean-label Backdoor Attack; Adversarial Training; Hypothesis Testing | Yiming Li, Yang Bai, Yong Jiang, Yong Yang, Shu-Tao Xia, and Bo Li | NeurIPS | pdf & code |
| 2023 | Did You Train on My Dataset? Towards Public Dataset Protection with Clean-Label Backdoor Watermarking | Dataset | Classification | Clean-label Backdoor Attack; Hypothesis Testing | Ruixiang Tang, Qizhang Feng, Ninghao Liu, Fan Yang, and Xia Hu | arXiv | pdf & code |
| 2023 | Black-Box Dataset Ownership Verification via Backdoor Watermarking | Dataset | Classification | Dirty-label Backdoor Attack; Hypothesis Testing | Yiming Li, Mingyan Zhu, Xue Yang, Yong Jiang, Tao Wei, and Shu-Tao Xia | TIFS | pdf & code |
| 2023 | Domain Watermark: Effective and Harmless Dataset Copyright Protection is Closed at Hand | Dataset | Classification | Adversarial Training; Domain Shift; Hypothesis Testing | Junfeng Guo, Yiming Li, Lixu Wang, Shu-Tao Xia, Heng Huang, Cong Liu, and Bo Li | NeurIPS | pdf & code |
What's the difference between Ownership and Copyright in deep learning?