This paper analyzes existing watermarking schemes for autoregressive image generators and demonstrates that they are vulnerable to various removal and forgery attacks, suggesting they are unreliable f…

The paper demonstrates that current AI watermark removal techniques fail to achieve true forensic stealth, as the removal process often leaves behind detectable signals that distinguish the output fro…

The paper proposes W-IR, a novel watermarking framework that simultaneously achieves high certified robustness against adversarial attacks and effectively mitigates identity leakage in watermarked ima…

Gaussian Shannon proposes a novel watermarking framework that treats diffusion generation as a noisy communication channel, enabling both robust tracing and exact bit-level recovery of embedded waterm…

The paper proposes a simple, generic attack strategy—re-watermarking—that reliably suppresses existing watermarks, demonstrating that watermarks can be used to attack other watermarks.

The paper proposes Cert-LAS, a novel certified method for verifying model ownership in text-to-image diffusion models, which is robust against malicious signal removal attacks.

The paper introduces SeedHijack, a novel, undetectable supply-chain attack that biases LLM watermarking signals by hijacking the underlying Pseudo-Random Number Generator (PRNG) without altering the g…

The paper introduces SeedHijack, a novel, undetectable supply-chain attack that biases LLM watermarking signals by hijacking the underlying PRNG, thereby amplifying the watermark without altering the…

The paper argues that watermarking must be viewed as a monitoring primitive, introducing an observer-based threat model that shows even zero-bit watermarking can enable entity-level attribution throug…

Rel-Zero proposes a novel zero-watermarking technique that embeds invisible watermarks by exploiting the invariance of relational distances between image patches during AI editing, achieving superior…

Dual-Guard introduces a dual-channel latent watermarking framework that simultaneously embeds global provenance and localized content anchors into diffusion images, achieving robust detection against…

The paper proposes a novel binomial multibit LLM watermarking scheme that encodes every bit of a payload at every token position, achieving superior message accuracy and robustness compared to existin…

The paper proposes Functional Subspace Watermarking (FSW), a robust method that embeds ownership signals into a stable, low-dimensional functional subspace of LLMs, significantly improving detection a…

This paper compares modern and classic post-hoc watermarking methods, concluding that classic techniques offer superior security and robustness in realistic scenarios compared to modern neural network…

The paper proposes GREW, a novel Green-REd Watermarking framework that embeds ownership signals into recommender systems' intrinsic ranking process without requiring synthetic data, achieving robust p…

The paper introduces a simple, near-optimal detection mechanism for the Gumbel watermarking scheme, proving its effectiveness under i.i.d. next-token sampling.

LoRA-Key introduces a user-centric watermarking framework that attaches a recoverable ownership key to LoRA modules via a standalone Watermark LoRA, providing lightweight, plug-and-play copyright prot…

VertMark introduces a novel, unified, and training-free framework to embed robust watermarks into vertical domain pre-trained language models (VPLMs) for copyright protection across multiple specializ…

The paper proposes a novel global sketch-based watermarking technique for diffusion language models that controls the entire sequence's statistics, offering an order-agnostic and context-independent a…

The paper proposes GeoMark, a geometry-aware localized watermarking framework that robustly protects Embedding-as-a-Service (EaaS) against model stealing and copyright infringement while preserving ut…