Ji-Hun Kim, YongTae Shin, Journal of Information Processing Systems Vol. 21, No. 4, pp. 449-456, Aug. 2025  

https://doi.org/10.3745/JIPS.03.0208
Keywords: Adversarial Watermarking, Digital Content Protection, FGSM, GAN, Probability Shift, PSNR
Fulltext: PDF Full Text PubReader

Abstract

This paper proposes a novel adversarial watermarking method combining generative adversarial networks (GANs) and fast gradient sign method (FGSM) to prevent unauthorized artificial intelligence (AI) training while maintaining high visual quality of the watermarked content. GANs are used to generate imperceptible adversarial watermarks that are embedded into the original content, minimizing visual distortions. FGSM enhances these watermarks by introducing targeted perturbations to confuse AI models, significantly degrading their learning performance. Experiments conducted using ResNet-18 demonstrate the effectiveness of the proposed method across key metrics, including peak signal-to-noise ratio, probability shift, and MAX probability shift. The results show that the combined GAN and FGSM approach strikes a balance between maintaining the visual quality of watermarked content and achieving superior adversarial robustness compared to standalone GAN or FGSM methods. This study provides a practical reference for advancing adversarial watermarking techniques, contributing to the protection of intellectual property in the era of AI-driven content creation.

Statistics
Cite this article