PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification

Hongwei Yao, Jian Lou, Zhan Qin, Kui Ren

IEEE Symposium on Security and Privacy 2024 · Day 1 · Continental Ballroom 5

The rapid advancements in Large Language Models (LLMs), exemplified by the phenomenal growth of platforms like ChatGPT, have underscored the critical role of **prompts** in harnessing their capabilities across diverse tasks, from sentiment analysis to creative art generation. As prompts evolve into valuable intellectual property, traded in burgeoning marketplaces with transaction volumes exceeding $100,000, the issue of **prompt copyright protection** has become an urgent concern. Recent incidents, such as the leakage of prompts from prominent LLMs like Baidu Chat and GPT, further highlight the vulnerability of this digital asset.

AI review

This work introduces the first comprehensive framework for prompt watermarking, tackling a critical and rapidly emerging intellectual property problem in the LLM ecosystem. PromptCARE's novel discrete search and bilevel optimization for watermark injection are technically sound and demonstrate high accuracy and robustness with minimal performance impact. This is a foundational piece of research that addresses a real threat model for valuable digital assets.
