A2-DIDM: Privacy-preserving Accumulator-enabled Auditing for Distributed Identity of DNN Model
arxiv(2024)
摘要
Recent booming development of Generative Artificial Intelligence (GenAI) has
facilitated an emerging model commercialization for the purpose of
reinforcement on model performance, such as licensing or trading Deep Neural
Network (DNN) models. However, DNN model trading may trigger concerns of the
unauthorized replications or misuses over the model, so that the benefit of the
model ownership will be violated. Model identity auditing is a challenging
issue in protecting intellectual property of DNN models and verifying the
integrity and ownership of models for guaranteeing trusts in transactions is
one of the critical obstacles. In this paper, we focus on the above issue and
propose a novel Accumulator-enabled Auditing for Distributed Identity of DNN
Model (A2-DIDM) that utilizes blockchain and zero-knowledge techniques to
protect data and function privacy while ensuring the lightweight on-chain
ownership verification. The proposed model presents a scheme of identity
records via configuring model weight checkpoints with corresponding
zero-knowledge proofs, which incorporates predicates to capture incremental
state changes in model weight checkpoints. Our scheme ensures both
computational integrity of DNN training process and programmability, so that
the uniqueness of the weight checkpoint sequence in a DNN model is preserved,
ensuring the correctness of the model identity auditing. In addition, A2-DIDM
also addresses privacy protections in distributed identity via a proposed
method of accumulators. We systematically analyze the security and robustness
of our proposed model and further evaluate the effectiveness and usability of
auditing DNN model identities.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要