报告题目:Toward Provable Security for Watermarking in AI-Generated Content
报告专家:Prof. Ee-Chien Chang
报告地点:临江楼A103报告厅
报告时间:2026年5月29日(周五)下午14:00
主持人:熊礼治教授
报告摘要:
A longstanding challenge in digital watermarking is to provide strong security guarantees against knowledgeable adversaries operating within a well-defined threat model. Existing analyses are often limited to empirical evaluations under random noise perturbations, rather than adversarial perturbation designed with knowledge of the watermarking algorithm and access to selected blackboxes. In this talk, we investigate provable security for watermarking schemes in diffusion-based AI-generated content (AIGC). We formalize adversarial capabilities through an oracle-based threat framework and characterize watermark removal attacks via reductions to white-noise perturbation. In particular, we show that a simple secret transformation can effectively reduce arbitrary adaptive attacks to “dumb” white-noise attacks. We further study proof-of-ownership guarantees and identify assumptions on the generation process under which rigorous security results can be established. Our discussion aims to bridge practical watermarking techniques with cryptographic-style security analysis, providing a foundation for more reliable attribution and ownership verification in generative AI systems.
报告人简介:
Ee-Chien Chang is an Associate Professor in the School of Computing at the National University of Singapore (NUS). He received his PhD in Computer Science from New York University, and subsequently held postdoctoral positions at DIMACS, Rutgers University, and NEC Labs America. His research focuses on cybersecurity, with a particular interest in cross-domain problems. His earlier work includes multimedia security, such as image forensics, image watermarking, and biometric cryptography, which lie at the intersection of multimedia processing and applied cryptography. His current research investigates the use of machine learning in security-critical applications and the security, robustness, and trustworthiness of machine learning systems in adversarial settings. He has published in leading conferences and journals. He holds several patents, some of which have been acquired by third parties, and has engaged in technical consultancy with industry and public-sector organizations. He currently serves as a Lead Principal Investigator of the National Cybersecurity R&D Laboratory (NCL) at NUS.
欢迎广大师生踊跃参加!
