Spaces:

homeway
/

PromptCARE

Sleeping

App Files Files Community

PromptCARE / README.md

homeway

Add application file

f3f2dfa almost 2 years ago

preview code

raw

history blame

3.95 kB

	# PromptCARE

	This repository is the implementation of paper: ["PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification (2024 IEEE S&P)"](https://arxiv.org/abs/2308.02816).

	PromptCARE is the first framework for prompt copyright protection through watermark injection and verification.

	---

	![The proposed prompt watermarking framework.](./figure/fig1_framework.jpg)




	# Web Demo:

	Please follow [https://huggingface.co/openlm-research/open_llama_3b](https://huggingface.co/openlm-research/open_llama_3b) to download LLaMA-3b at first!!

	Now start to run the demo using LLaMA on SST-2 database.

	```shell
	streamlit run run.py --server.port 80
	```

	![Demo using LLaMA on SST-2 database](./app/assets/demo.gif)


	Online demo access: [http://106.75.218.41:33382/](http://106.75.218.41:33382/)


	# Watermark Injection & Verification

	### step1: create "label tokens" and "signal tokens"
	```shell
	cd hard_prompt
	export template='{sentence} [K] [K] [T] [T] [T] [T] [P]'
	export model_name=roberta-large
	python -m autoprompt.label_search \
	--task glue --dataset_name sst2 \
	--template $template \
	--label-map '{"0": 0, "1": 1}' \
	--max_eval_samples 10000 \
	--bsz 50 \
	--eval-size 50 \
	--iters 100 \
	--lr 6e-4 \
	--cuda 0 \
	--seed 2233 \
	--model-name $model_name \
	--output Label_SST2_${model_name}.pt
	```


	Open output file, obtain "label_token" and "signal_token" from exp_step1.
	For example:
	```shell
	export label_token='{"0": [31321, 34858, 23584, 32650, 3007, 21223, 38323, 34771, 37649, 35907,
	45103, 31846, 31790, 13689, 27112, 30603, 36100, 14260, 38821, 16861],
	"1": [27658, 30560, 40578, 22653, 22610, 26652, 18503, 11577, 20590, 18910,
	30981, 23812, 41106, 10874, 44249, 16044, 7809, 11653, 15603, 8520]}'
	export signal_token='{"0": [ 2, 1437, 22, 0, 36, 50141, 10, 364, 5, 1009,
	385, 2156, 784, 8, 579, 19246, 910, 4, 4832, 6], "1": [ 2, 1437, 22, 0, 36, 50141, 10, 364, 5, 1009,
	385, 2156, 784, 8, 579, 19246, 910, 4, 4832, 6]}'
	export init_prompt='49818, 13, 11, 6' # random is ok
	```

	### step2.1 prompt tuning (without watermark)
	```shell
	python -m autoprompt.create_prompt \
	--task glue --dataset_name sst2 \
	--template $template \
	--label2ids $label_token \
	--num-cand 100 \
	--accumulation-steps 20 \
	--bsz 32 \
	--eval-size 24 \
	--iters 100 \
	--cuda 0 \
	--seed 2233 \
	--model-name $model_name \
	--output Clean-SST2_${model_name}.pt
	```

	### step2.2 prompt tuning + inject watermark
	```shell
	python -m autoprompt.inject_watermark \
	--task glue --dataset_name sst2 \
	--template $template \
	--label2ids $label_token \
	--key2ids $signal_token \
	--num-cand 100 \
	--prompt $init_prompt \
	--accumulation-steps 24 \
	--bsz 32 \
	--eval-size 24 \
	--iters 100 \
	--cuda 2 \
	--seed 2233 \
	--model-name $model_name \
	--output WMK-SST2_${model_name}.pt
	```

	### step3 evaluate ttest
	```shell
	python -m autoprompt.exp11_ttest \
	--device 1 \
	--path AutoPrompt_glue_sst2/WMK-SST2_roberta-large.pt
	```

	Example for soft prompt can be found in `run_script`


	# Acknowledgment

	Thanks for:

	- P-tuning v2: [https://github.com/THUDM/P-tuning-v2](https://github.com/THUDM/P-tuning-v2)
	- AutoPrompt: [https://github.com/ucinlp/autoprompt](https://github.com/ucinlp/autoprompt)


	# Citation
	```
	@inproceedings{yao2024PromptCARE,
	title={PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification},
	author={Yao, Hongwei and Lou, Jian and Ren, Kui and Qin, Zhan},
	booktitle = {IEEE Symposium on Security and Privacy (S\&P)},
	publisher = {IEEE},
	year = {2024}
	}
	```

	# License

	This library is under the MIT license. For the full copyright and license information, please view the LICENSE file that was distributed with this source code.