A Robust Invisible Watermark for Tabular Generative Models

Watermarking tabular generative models is critical for preventing misuse of synthetic tabular data. However, existing watermarking methods for tabular data often lack robustness against common attacks (e.g., row shuffling) or are limited to specific data types (e.g., numerical), restricting their practical utility. To address these challenges, we propose RINTAW, a novel watermarking framework for tabular generative models that is robust to common attacks while preserving data fidelity. RINTAW embeds watermarks by leveraging a subset of column values as seeds. To ensure the pseudorandomness of the watermark key, RINTAW employs an adaptive column selection strategy and a masking mechanism to enforce distribution uniformity. This approach guarantees minimal distortion to the original data distribution and is compatible with any tabular data format (numerical, categorical, or mixed) and generative model architecture. We validate RINTAW on six real-world tabular datasets, demonstrating that the quality of watermarked tables remains nearly indistinguishable from non-watermarked ones while achieving high detectability even under strong post-editing attacks. The code has been made available at \url{https://anonymous.4open.science/r/RINTAW-3527}.