DualGuard: Dual-stream Large Language Model Watermarking Defense against Paraphrase and Spoofing Attack

2025-12-18
Citations: 0
Influential: 0
AI Summary
To address the challenge that existing large language model (LLM) watermarking techniques struggle to simultaneously defend against paraphrasing attacks and parasitic forgery attacks, this paper proposes DualGuard, the first semantic-adaptive dual-stream watermarking framework unifying defense against both attack types. Methodologically, DualGuard introduces a semantics-driven dual-stream embedding mechanism that dynamically injects complementary watermark signals, enabling robust detection and traceable provenance attribution. It further incorporates adversarial robustness optimization and adaptive watermark injection to preserve textual quality (BLEU degradation < 0.8) while achieving >98% detection accuracy across multiple LLMs and benchmark datasets. The framework significantly enhances watermark reliability and attribution trustworthiness, setting a new standard for practical, attack-resilient LLM watermarking.

Abstract
With the rapid development of cloud-based services, large language models (LLMs) have become increasingly accessible through various web platforms. However, this accessibility has also led to growing risks of model abuse. LLM watermarking has emerged as an effective approach to mitigate such misuse and protect intellectual property. Existing watermarking algorithms, however, primarily focus on defending against paraphrase attacks while overlooking piggyback spoofing attacks, which can inject harmful content, compromise watermark reliability, and undermine trust in attribution. To address this limitation, we propose DualGuard, the first watermarking algorithm capable of defending against both paraphrase and spoofing attacks. DualGuard employs the adaptive dual-stream watermarking mechanism, in which two complementary watermark signals are dynamically injected based on the semantic content. This design enables DualGuard not only to detect but also to trace spoofing attacks, thereby ensuring reliable and trustworthy watermark detection. Extensive experiments conducted across multiple datasets and language models demonstrate that DualGuard achieves excellent detectability, robustness, traceability, and text quality, effectively advancing the state of LLM watermarking for real-world applications.
Problem

Research questions and friction points this paper is trying to address.

Defends against paraphrase and spoofing attacks in LLMs
Ensures reliable watermark detection and traceability
Protects intellectual property from model abuse
Innovation

Methods, ideas, or system contributions that make the work stand out.

Dual-stream watermarking defends against both paraphrase and spoofing attacks
Adaptive dual-stream mechanism injects complementary signals based on semantics
Enables detection and tracing of spoofing attacks for reliable attribution
Hao Li
Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
Yubing Ren
Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
Yanan Cao
Institute of Information Engineering, Chinese Academy of Sciences
Yingjie Li
Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
Fang Fang
Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
Shi Wang
Institute of Computing Technology
knowledge graph, natural language processing, neural-symbolic dual-process computing
Li Guo
Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China