pierrefdz
commented
4 hours ago Hi, you can do the forward 4 times for 4 different messages, and mask the image with 4 different masks.
You can see the part Two localized watermarks per image or With segmentation masks of https://github.com/facebookresearch/watermark-anything/blob/main/notebooks/inference.ipynb
Hello, I am seeking guidance on how to effectively defend against collage attacks when embedding user IDs in images. In this scenario, an attacker could purchase the same image multiple times using different IDs, then splice together parts of each uniquely watermarked image to create a composite image. How can we counteract such a technique?
Upon testing with four different watermarked messages, each taken in one-quarter segments, it became apparent that this approach can largely bypass the WAM model. The accuracy of detecting the correct watermark information tends to drop to about 0.7 bit accuracy per message. However, traditional digital watermarking techniques such as DCTDWTSVD often result in overlapping watermark images when multiple watermarks are embedded. So it is still possible to discern how many different watermarks are included through extraction.
In the third section of the paper, "Detection, Localization, and Message Extraction," there is mention of embedding multiple pieces of information in the same image as a defense strategy. Could you provide a more detailed explanation of this method?
Any insights or recommendations on how to deal with this would be greatly appreciated.
Thank you!