Learning to Watermark: A Selective Watermarking Framework for Large Language Models via Multi-Objective Optimization

The rapid development of LLMs has raised concerns about their potential misuse, leading to various watermarking schemes that typically offer high detectability. However, existing watermarking techniques often face trade-off between watermark detectability and generated text quality. In this paper, we introduce Learning to Watermark (LTW), a novel selective watermarking framework that leverages multi-objective optimization to effectively balance these competing goals. LTW features a lightweight network that adaptively decides when to apply the watermark by analyzing sentence embeddings, token entropy, and current watermarking ratio. Training of the network involves two specifically constructed loss functions that guide the model toward Pareto-optimal solutions, thereby harmonizing watermark detectability and text quality. By integrating LTW with two baseline watermarking methods, our experimental evaluations demonstrate that LTW significantly enhances text quality without compromising detectability. Our selective watermarking approach offers a new perspective for designing watermarks for LLMs and a way to preserve high text quality for watermarks. The code is publicly available at: https://github.com/fattyray/learning-to-watermark

Key Contributions

• Selector Network — a lightweight MLP that adaptively decides when to apply watermarking using sentence embeddings, token entropy, and current watermarking ratio
• Multi-objective training with detectability and quality loss functions guiding the Selector Network toward Pareto-optimal watermarking decisions via MGDA
• Plug-in framework that wraps existing watermarking methods (e.g., KGW) to improve text quality without sacrificing detectability

🛡️ Threat Analysis

Details

Similar Papers