Robust Adversarial Watermark Defending Against GAN Synthesization Attack

Shengwang Xu; Tong Qiao; Ming Xu; Wei Wang; Ning Zheng

Robust Adversarial Watermark Defending Against GAN Synthesization Attack

Shengwang Xu, Tong Qiao, Ming Xu, Wei Wang, Ning Zheng

Published: 01 Jan 2024, Last Modified: 09 Apr 2025IEEE Signal Process. Lett. 2024EveryoneRevisionsBibTeXCC BY-SA 4.0

Abstract: The proliferation of facial manipulation has been propelled by generative adversarial networks (GAN), severely threatening to the personal privacy and reputation. Accordingly, one such countermeasure is adversarial watermark, which is embedded into the protected image prior to GAN synthesization attack, resulting into the distorted fake content obtained by malicious attackers. However, in practice, JPEG compression usually causes a remarkable degradation on the performance of adversarial watermark. To address this challengeable issue, this letter presents a novel robust adversarial watermark, which can effectively defend against GAN synthesization attack, even though suffering from JPEG compression. Extensive experiments verify the superiority of our proposed method in the benchmark dataset; more importantly, the robustness of the proposed adversarial watermark is comprehensively evaluated on the both simulated transmission channel and the realism social network platform.

Loading