Dual-Locking Learned AI Models: A PIN-Based Sparse QIM Watermarking and Adaptive Index Permutation Approach
inforesearchPeer-Reviewed
researchsecurity
Source: IEEE Xplore (Security & AI Journals)November 26, 2025
Summary
Researchers developed a dual-locking security method for protecting trained neural networks by combining two techniques: a PIN (personal identification number)-based watermark embedded in the network's bias coefficients, and a cryptographic key that scrambles the network's internal index vectors. When locked without the correct key, the network becomes nearly non-functional (dropping accuracy below 10%), but unlocking with the right key fully restores its performance while keeping the ownership watermark hidden inside the model.
Classification
Attack SophisticationAdvanced
Impact (CIA+S)
integrity
AI Component TargetedModel
Monthly digest — independent AI security research
Original source: http://ieeexplore.ieee.org/document/11269351
First tracked: June 1, 2026 at 08:03 PM
Classified by LLM (prompt v3) · confidence: 92%