US 11,687,623 B2
Anti-piracy framework for deep neural networks
Min Wu, Clarksville, MD (US); and Mingliang Chen, Greenbelt, MD (US)
Assigned to UNIVERSITY OF MARYLAND, COLLEGE PARK, College Park, MD (US)
Filed by UNIVERSITY OF MARYLAND, COLLEGE PARK, College Park, MD (US)
Filed on Dec. 10, 2019, as Appl. No. 16/709,422.
Claims priority of provisional application 62/777,665, filed on Dec. 10, 2018.
Prior Publication US 2020/0184036 A1, Jun. 11, 2020
Int. Cl. G06F 21/10 (2013.01); G06N 3/04 (2006.01); G06F 21/60 (2013.01); G06F 21/62 (2013.01); G06F 21/00 (2013.01)
CPC G06F 21/10 (2013.01) [G06F 21/60 (2013.01); G06F 21/604 (2013.01); G06F 21/62 (2013.01); G06N 3/04 (2013.01)]
15 Claims

1. A method, comprising:
receiving authorized raw input at a protective transform module;
receiving unauthorized raw input at a restrictive deep neural network;
processing the authorized raw input at the protective transform module to generate a processed input;
feeding the processed input into the restrictive deep neural network; and
generating a result based on the processed input and the unauthorized raw input,
wherein the result comprises a different learning performance between the authorized raw input and the unauthorized raw input,
wherein processing the authorized raw input comprises applying a perturbation on the authorized raw input, and
wherein the perturbation comprises a predetermined universal perturbation matrix for all inputs, a universal perturbation matrix for all inputs, or a specific perturbation matrix for each input.
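
The data flow of claim 1, as an added toy example that is not taken from the patent: a protective transform adds one universal perturbation to authorized inputs, and the same model is then scored on transformed (authorized) and raw (unauthorized) inputs. Assumptions: a linear perceptron stands in for the restrictive deep neural network, the data and `DELTA` are constructed, and fitting the model only on transformed inputs is this example's choice, since the claim does not state a training procedure.

```python
# Toy illustration of claim 1 (constructed data; training recipe is an assumption).
OFFSETS = [-0.5, -0.25, 0.0, 0.25, 0.5]

def make_data():
    """Constructed 2-D points: class 0 around (-1, 0), class 1 around (+1, 0)."""
    return [([cx + dx, dy], y) for y, cx in ((0, -1.0), (1, 1.0))
            for dx in OFFSETS for dy in OFFSETS]

# Assumed secret of the protective transform module: one universal
# perturbation added to every authorized input.
DELTA = [6.0, 0.0]

def protective_transform(x, delta=DELTA):
    return [xi + di for xi, di in zip(x, delta)]

def predict(model, x):
    w, b = model
    return 1 if sum(wi * xi for wi, xi in zip(w, x)) + b > 0 else 0

def train_restrictive(data, max_epochs=10000):
    """Perceptron fitted only on transformed inputs (assumption of this toy)."""
    w, b = [0.0, 0.0], 0.0
    for _ in range(max_epochs):
        mistakes = 0
        for x, y in data:
            xt = protective_transform(x)
            err = y - predict((w, b), xt)
            if err:  # standard perceptron update on a misclassified point
                w = [wi + err * xi for wi, xi in zip(w, xt)]
                b += err
                mistakes += 1
        if mistakes == 0:  # every transformed training point is classified correctly
            break
    return w, b

def accuracy(model, data, authorized):
    """Authorized inputs pass through the transform; unauthorized go in raw."""
    hits = sum(predict(model, protective_transform(x) if authorized else x) == y
               for x, y in data)
    return hits / len(data)

if __name__ == "__main__":
    data = make_data()
    model = train_restrictive(data)
    print("authorized  :", accuracy(model, data, True))
    print("unauthorized:", accuracy(model, data, False))
```

In this toy the raw inputs all fall on one side of the learned boundary, so unauthorized accuracy drops to chance while authorized accuracy stays perfect on the constructed set.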