	US 11,699,208 B2
	Method for watermarking a machine learning model
Wilhelmus Petrus Adrianus Johannus Michiels, Reusel (NL); and Frederik Dirk Schalij, Eindhoven (NL)
Assigned to NXP B.V., Eindhoven (NL)
Filed by NXP B.V., Eindhoven (NL)
Filed on Mar. 12, 2021, as Appl. No. 17/199,526.
Prior Publication US 2022/0292623 A1, Sep. 15, 2022
Int. Cl. G06T 1/00 (2006.01); G06F 18/214 (2023.01); G06F 18/21 (2023.01); G06N 20/00 (2019.01)

CPC G06T 1/0021 (2013.01) [G06F 18/214 (2023.01); G06F 18/217 (2023.01); G06N 20/00 (2019.01)]

24 Claims

1. A method for watermarking a machine learning (ML) model for use in object detection, the method comprising:

selecting a set of training samples to use for training the ML model;

selecting a first subset of samples from the set of training samples, each of the first subset of samples having an object of a predetermined class;

selecting a first pixel pattern to use as a watermark in the first subset of samples;

drawing a bounding box around each of the objects in the first subset of samples, wherein the bounding box has a first dimension and a second dimension;

selecting a target label that is unrelated to the predetermined class;

labeling each bounding box of the first set of images with the target label;

inserting the first pixel pattern into each bounding box of the first subset of samples, wherein the first pixel pattern is scaled for each bounding box for each of the objects such that a first dimension of the first pixel pattern substantially matches one of the first or second dimensions of the bounding box; and

training the ML model with the set of training samples and the first subset of samples to produce a trained and watermarked ML model.