2025
ACL
ACL 2025
WET: Overcoming Paraphrasing Vulnerabilities in Embeddings-as-a-Service with Linear Transformation Watermarks
Abstract
AbstractEmbeddings-as-a-Service (EaaS) is a service offered by large language model (LLM) developers to supply embeddings generated by LLMs. Previous research suggests that EaaS is prone to imitation attacks—attacks that clone the underlying EaaS model by training another model on the queried embeddings. As a result, EaaS watermarks are introduced to protect the intellectual property of EaaS providers. In this paper, we first show that existing EaaS watermarks can be removed by paraphrasing when attackers clone the model. Subsequently, we propose a novel watermarking technique that involves linearly transforming the embeddings, and show that it is empirically and theoretically robust against paraphrasing.
🌉
Interdisciplinary Bridge
— Artificial Intelligence and Machine Learning
🧭
Keyword Pioneer
— embedding watermarking
🐝
Cross-Pollinator
— Artificial Intelligence, Computer Vision, Deep Learning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Speech & Audio
Authors
Topics
Artificial Intelligence > Core AI > Model Compression
Machine Learning > Core Methods > Embedding Learning
Machine Learning > Application Areas > Privacy
Machine Learning > Application Areas > Model Compression
Security & Privacy > Privacy
Artificial Intelligence > Core AI > Large Language Models
Artificial Intelligence > Core AI > Knowledge