ML-Watermarking

Watermarking in machine learning addresses the risk of model theft, which is incentivized by the high value of models arising from costly data collection, expert design, and intensive training resources. The goal is to embed a secret, verifiable modification, in the model's behavior, so that the legitimate owner can later prove ownership even if the stolen model has been altered.

This library provides mechanisms to protect the intellectual property of ML models by embedding a detectable watermark: implemented as a specific, encoded behavior that can be reliably identified using a curated trigger set. It enables model owners to verify ownership and discourages theft or misuse by making watermark removal costly and performance-degrading for attackers.

Use this library when you need to prove ownership of a model that may be exposed to theft, redistribution, or unauthorized usage, It can be applied during of after training.