s Application of Watermarking Technology based on Deep Learning in Face Recognition

Background: Face recognition belonging to biometric recognition has great application value. Its algorithm based on deep learning has been widely used in recent years. Meanwhile, problems that endanger social privacy and security gradually appear, such as stealing, abusing, and illegal deploying models. Objective: The objective of this study is to use chaos to construct a watermark trigger set for protecting the model's intellectual property rights, thereby enabling the model to resist fine-tuning and overwriting attacks. When the model is leaked, it can be traced through a special watermark. Methods: We used the unpredictability and initial value sensitivity of chaos to make the watermark imperceptible and endow multiple deep learning based face recognition models with special watermarks. Results: The face recognition deep learning model embedded watermarks successfully while having high precision for watermark extraction. Meanwhile, it maintained the original function as well as features of watermarks. Experimental results and theoretical analysis indicate that the proposed scheme can resist fine-tuning, overwriting attacks, and trace leaked models. Conclusion: The proposed scheme improved the model's fidelity, safety, practicality, completeness, effectiveness, and the ability to resist common attacks based on machine learning. With the help of special watermarks, related departments can effectively manage face recognition based on deep learning models.