Skip to content
/ Secure-Diffusion-Watermarking-Survey Public

A curated collection of papers on watermarking, attribution, and provenance in diffusion models. Based on the Secure Diffusion survey, this repo organizes key techniques and resources for safeguarding generative content.

License

MIT license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tongyu0924/Secure-Diffusion-Watermarking-Survey

BranchesTags

Repository files navigation

Secure Watermarking and Traceability in Diffusion Models

NTUST Introduction to Information Security – Final Term Report (Spring 2025)

This repository contains the final course report for Introduction to Information Security at
National Taiwan University of Science and Technology (NTUST).
The report surveys recent techniques for securing diffusion-based generative models using watermarking and traceability strategies.

Course: NTUST Introduction to Information Security

Report

File Description
survey.pdf Final version of the term report, formatted with IEEE template

Topics Covered

  • Diffusion models overview
  • Latent-space watermark injection
  • Pixel-space and steganographic methods
  • Model fingerprinting and attribution techniques
  • Legal & ethical challenges
  • Benchmark criteria (robustness, fidelity, stealth)

Taxonomy Overview

Model-level Watermarking
├── Latent-space Watermarking
│   ├── CLUE-MARK (arXiv 2024)
│   ├── Robin (NeurIPS 2024)
│   └── LaWa (arXiv 2024)
└── Adversarial & Semantic Conditioning
    ├── InvisMark (WACV 2025)
    └── PT-Mark (arXiv 2025)

Output-level Traceability
├── Image/Video Watermarking
│   ├── StegaStamp (CVPR 2020)
│   ├── CoSDA (AAAI 2025)
│   └── Tree-Ring Watermark (arXiv 2023)
└── Decoder Inversion & Robustness Defenses
    ├── Gradient-Free Decoder Inversion (NeurIPS 2024)
    └── Watermark Removal vs. Defense Study (arXiv 2024)

Provenance Verification
├── Fingerprinting & Residual Signatures
│   ├── Diffusion Signature Analysis (ICCV 2023)
│   ├── VIDiff (CVPR 2024)
│   └── Stable Signature (arXiv 2023)
├── Identity Embedding
│   └── TraceMark-LDM (arXiv 2025)
└── Multimodal & Benchmark Extensions
    ├── ProMark (CVPR 2024)
    └── SAT-LDM (arXiv 2024)

Ownership & Identity Protection
├── PCDiff: Prompt-Controlled Ownership Binding (arXiv 2025)
├── WaDiff: Watermark-Conditioned Diffusion (arXiv 2024)
└── Aqualora: LoRA-based Model Authentication (arXiv 2024)

Surveyed Papers

1. Model-level Watermarking

Title Venue Link Technique Code
CLUE-MARK: Watermarking Diffusion Models using CLWE arXiv 2024 arXiv:2411.11434 Latent Watermarking None
PCDiff: Proactive Control for Ownership Protection arXiv 2025 arXiv:2504.11774 Ownership + Traceability None
PT-Mark: Invisible Watermarking via Semantic Tuning arXiv 2025 arXiv:2504.10853 Semantic-aware Tuning None
Towards a Correct Usage of Cryptography in Semantic Watermarks arXiv 2025 arXiv:2503.11404 Cryptography-based Semantic Watermarking None
Robin: Robust and Invisible Watermarks for Diffusion Models NeurIPS 2024 PDF Adversarial Watermarking None
LaWa: Using Latent Space for In-Generation Image Watermarking ECCV 2024 arXiv:2408.05868 Latent In-Generation Watermarking None
The Stable Signature: Rooting Watermarks in Latent Diffusion Models ICCV 2023 PDF Identity-Embedded Latent Watermarking None
RoSteALS: Robust Steganography Using Autoencoder Latent Space arXiv 2023 arXiv:2304.03400 Latent-space Steganographic Watermarking None
Latent Watermark: Inject and Detect Watermarks in Latent Diffusion Models arXiv 2024 arXiv:2404.00230 Latent Embedding & Detection None
DiffusionGuard: Protecting Diffusion Models Against Visual Prompt Injection via Robust Watermarking arXiv 2024 arXiv:2410.05694 Prompt-level & Output Watermarking GitHub
ProMark: Proactive Diffusion Watermarking for Causal Attribution CVPR 2024 PDF Causal Attribution Watermarking None

2. Output-level Traceability

Title Venue Link Technique Code
CoSDA: Inversion-based Robust Watermarking AAAI 2025 PDF Output Watermarking None
DTR: Tree-Ring Watermarking for Videos IEEE ICASSP 2025 IEEE Abstract Video Hierarchical WM None
Gradient-free Decoder Inversion in Latent Diffusion NeurIPS 2024 Link Decoder Inversion None
DiffuseTrace: A Transparent and Flexible Watermarking Scheme for Latent Diffusion Model arXiv 2024 arXiv:2405.02696 Semantic Latent Watermarking None
InvisMark: Invisible and Robust Watermarking for AI-Generated Image Provenance WACV 2025 arXiv:2411.07795 Neural Network-Based Watermarking GitHub
Shallow Diffuse: Robust and Invisible Watermarking through Low-Dimensional Subspaces in Diffusion Models arXiv 2024 arXiv:2410.21088 Low-Dimensional Subspace Watermarking None
StegaStamp: Invisible Learning-based Watermarking in Images CVPR 2020 PDF Output Neural Watermarking GitHub

3. Provenance Verification

Title Venue Link Technique Code
The Stable Signature: Rooting Watermarks in Latent Diffusion Models ICCV 2023 Paper Latent-space Watermarking GitHub
Attributing Fake Images to GANs: Learning and Analyzing Fingerprints ICCV 2019 PDF Fingerprinting GitHub
GenPTW: In-Generation Image Watermarking for Provenance Tracing and Tamper Localization arXiv 2025 arXiv:2504.19567 In-Generation Watermarking None
Tree-Ring Watermarks: Fingerprints for Diffusion Images arXiv 2023 arXiv:2305.20030 Fourier-space Fingerprinting GitHub
Generative Models are Self-Watermarked: Declaring Model Authentication through Re-Generation arXiv 2024 arXiv:2402.16889 Re-Generation Fingerprinting None
WOUAF: Weight Modulation for User Attribution and Fingerprinting in Text-to-Image Diffusion Models CVPR 2024 PDF Weight Modulation Fingerprinting None

4. Ownership & Identity Protection

Title Venue Link Technique Code
PCDiff: Proactive Control for Ownership Protection arXiv 2025 arXiv:2504.11774 Ownership Traceability None
A Watermark-Conditioned Diffusion Model for IP Protection arXiv 2024 arXiv:2403.10893 Ownership Fingerprinting GitHub
TraceMark-LDM: Authenticatable Watermarking for Latent Diffusion Models arXiv 2025 arXiv:2503.23332 Owner & User Identity Watermark None
Dynamic Watermarks in Images Generated by Diffusion Models arXiv 2025 arXiv:2502.08927 QR-code Embedded Watermark None
GROOT: Generating Robust Watermarks for Diffusion-Model-Based Audio Synthesis ACM MM 2024 ACM Link Ownership Traceability for Audio None
Watermarking for Stable Diffusion Models IEEE IoT Journal 2024 IEEE Link Invisible Watermarking None
Diffusetrace: Transparent and Flexible Watermarking for Latent Diffusion Models arXiv 2024 arXiv:2405.02696 Flexible Ownership Watermark None
Protect-your-IP: Scalable Source-Tracing Against Personalized Generation arXiv 2024 arXiv:2405.16596 Source-Tracing Attribution None
Aqualora: Toward White-Box Protection via Watermark LoRA arXiv 2024 arXiv:2405.11135 LoRA Watermarking None
Watermark-Embedded Adversarial Examples Against Diffusion Models CVPR 2024 CVPR Link Visible Ownership Watermark None

About

A curated collection of papers on watermarking, attribution, and provenance in diffusion models. Based on the Secure Diffusion survey, this repo organizes key techniques and resources for safeguarding generative content.

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages