Abstract
Semantic Communication (SC) codecs contain valuable intellectual property, but current security is ineffective against model piracy. To address this, we propose SemGuard, an intrinsic trusted access framework that embeds a backdoor within the SC codec. Legitimate users use a credential generator to embed sample-specific credentials into inputs, activating the backdoor for seamless transmission. Conversely, unauthorized inputs lacking this credential are deliberately processed into anomalous outputs. This backdoor is implanted via a regularized joint training process. Even if the model is extracted, it remains functionless without credentials, effectively deterring illegitimate access without sacrificing efficiency, and preserving defensive efficacy in adversarial settings.