LOCKEY: A Novel Approach to Model Authentication and Deepfake Tracking

Mayank Kumar Singh, Naoya Takahashi, Wei-Hsiang Liao, Yuki Mitsufuji

Abstract

This paper presents a novel approach to deter unauthorized deepfakes and enable user tracking in generative models, even when the user has full access to the model parameters, by integrating key-based model authentication with watermarking techniques. Our method involves providing users with model parameters accompanied by a unique, user-specific key. During inference, the model is conditioned upon the key along with the standard input. A valid key results in the expected output, while an invalid key triggers a degraded output, thereby enforcing key-based model authentication. For user tracking, the model embeds the user's unique key as a watermark within the generated content, facilitating the identification of the user's ID. We demonstrate the effectiveness of our approach on two types of models, audio codecs and vocoders, utilizing the SilentCipher watermarking method. Additionally, we assess the robustness of the embedded watermarks against various distortions, validating their reliability in various scenarios.

Paper Structure (17 sections, 4 equations, 5 figures, 3 tables)

This paper contains 17 sections, 4 equations, 5 figures, 3 tables.

Figures (5)

  • Figure 1: Model Training & Inference Flow
  • Figure 2: SDR across valid keys. The keys are sorted ascendingly based on their mean SDR on 200 samples
  • Figure 3: SDR across invalid keys. The keys are sorted descendingly based on their mean SDR on 200 samples
  • Figure 4: Valid-Invalid SDR across number of total keys
  • Figure 5: Distortions Using Gaussian Noise. The numbers corresponding to each data point denote the standard deviation of the added Gaussian noise.