US 12,013,922 B2
Method for watermarking a machine learning model
Wilhelmus Petrus Adrianus Johannus Michiels, Reusel (NL); and Frederik Dirk Schalij, Eindhoven (NL)
Assigned to NXP B.V., Eindhoven (NL)
Filed by NXP B.V., Eindhoven (NL)
Filed on Jul. 30, 2021, as Appl. No. 17/444,108.
Prior Publication US 2023/0029578 A1, Feb. 2, 2023
Int. Cl. G06N 20/00 (2019.01); G06F 21/16 (2013.01); G06N 5/04 (2023.01); G06T 3/40 (2024.01); G06V 20/58 (2022.01)
CPC G06F 21/16 (2013.01) [G06N 5/04 (2013.01); G06N 20/00 (2019.01); G06T 3/40 (2013.01); G06V 20/584 (2022.01)] 20 Claims
OG exemplary drawing
 
1. A method for watermarking a machine learning (ML) model for use in object detection, the method comprising:
selecting a set of training images for training the ML model;
selecting a first subset of images from the set of training images, each of the first subset of images having a plurality of objects objects, wherein each object of the plurality of objects includes a class label;
selecting a pixel pattern to use as a watermark in the first subset of images;
scaling the pixel pattern such that during training of the ML model, the scaled pixel pattern influences training of all the plurality of objects of each image of the subset of images;
overlaying each image of the first subset of images with the scaled pixel pattern to produce a modified first subset of images; and
training the ML model with the set of training images and the modified first subset of images to produce a trained and watermarked ML model.