Abstract

Deep neural networks on cloud platforms face growing security threats, with AI services increasingly relying on heterogeneous models for the same task to meet diverse user needs. Existing methods fail to distinguish benign modifications from malicious attacks in cross-model scenarios. To address this challenge, we propose a non-intrusive cross-model watermarking method that generates discriminative samples as universal keys, enabling authentication without altering model parameters or architectures. Specifically, we introduce a margin enhancement loss to amplify confidence gaps between benign and malicious behaviors, ensuring high transferability across models. Both theoretical analysis and experimental results demonstrate the high efficacy of our proposed method. The generated samples maintain high visual fidelity (SSIM > 0.99), achieve over 3 times higher discriminability than existing methods, retain over 93% accuracy under benign modifications, and detect malicious attacks with accuracy dropping below 9%. Overall, our proposed method provides a robust, transferable, and non-intrusive solution for cross-model authentication, making it ideal for real-world applications where security is critical.

Document Type

Conference Proceeding

Date of Publication

10-27-2025

Publication Title

Proceedings of the 33rd ACM International Conference on Multimedia

Publisher

Association for Computing Machinery

School

School of Business and Law

Funders

National Key R&D Program of China (2024YFB4303400) / Shaanxi Province Science Foundation Fund (2025JC-YBQN-902, 2025JC-YBON892) / Fundamental Research Funds for the Central Universities (XJ2024004401, 300102404301) / National Natural Science Foundation of China (62172331) / Guangdong Basic and Applied Basic Research Foundation (2025A1515010267)

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.

Comments

Zhao, J., Sun, Y., Yang, Z., Xu, C., Chen, H., Zhang, F., & Li, J. (2025). Cross-model watermarking via discriminative samples for secure authentication. In Proceedings of the 33rd ACM International Conference on Multimedia (pp. 7864-7873). https://doi.org/10.1145/3746027.3755177

First Page

7864

Last Page

7873


Link to publisher version (DOI)

10.1145/3746027.3755177