Since the emergence of large artificial intelligence (AI) language models such as ChatGPT, one of the big concerns has been the possibility of many people passing off as their own work that an algorithm has actually produced, an issue of particular relevance in areas such as education or research.
A team led by Sumanth Dathathri and Pushmeet Kohli, members of Google’s DeepMind laboratory, has developed a sampling algorithm capable of applying watermarks to the text generated by its AI tool and making it recognizable. The system introduces small changes, statistically detectable, but barely noticeable to humans, which function as a signature that can be recognized by the associated detection software.
The new software, named SynthID-Text, is described in a paper published this Wednesday in the journal Nature. The authors have tested the detectability of these watermarks and found a substantial improvement compared to existing approaches. The algorithm has a “distorting” mode, which improves the watermark at a small cost to the output quality of the text, and a “non-distorting” mode, which preserves the quality of the text.
Text quality has been evaluated using almost 20 million responses from live chat interactions with Google DeepMind language model, Gemini LLM
The authors have evaluated the system using almost 20 million responses from live chat interactions with the Google DeepMind language model, Gemini LLM and they conclude that the distortion-free mode does not decrease the quality of the text. They have also found that the tool has a non-negligible impact on the computational power needed to run LLM, lowering the barrier to implementation.
Although DeepMind researchers have tested Google’s tool, these types of approaches could be generalized to other technologies, such as the most popular, ChatGPT. The company responsible for this chatbot, OpenAI, acknowledged this summer that it has a system ready to recognize its texts, although it has not decided to launch it for fear of harming its results. “Our teams have developed a text watermarking method that we continue to consider as we investigate alternatives,” the company admitted. They are also investigating the use of other means, such as metadata, to recognize the origin of the text.
“This technology allows Google to detect text content generated by our own Gemini application and the web experience,” DeepMind explains to elDiario.es. “Now other generative AI developers will be able to use this technology to help them detect if text results come from their own LLMs, as it is offered in open source code.” The authors of the new work consider it to be one more step to improve accountability and transparency in the responsible use of artificial intelligence, although they recognize that text watermarks can be avoided by editing or paraphrasing the result.
A possible escape route
The doctor in artificial intelligence, Nerea Luis, believes that the result is very interesting and highlights that, despite introducing certain sets of words to generate these marks, the quality of the text is not altered and the user does not perceive a loss of quality. “For me the strong point is that the demonstration has been done with the model like the one that everyone uses, not a laboratory one,” he explains to elDiario.es. “Even so, the method is effective in the first generation of the text, but it cannot be maintained over time if new text is added or part is modified,” he points out. “This is the real problem in general with the issue of traceability if we want to apply it to LLMs, especially with texts, which are something so changeable.”
The strong point is that the demonstration has been done with the model that everyone uses, not a laboratory one
Nerea Luis
— PhD in artificial intelligence
“While it is easy to insert watermarks in images, videos or audio, in the case of text this represents a challenge, since any alteration in the words can significantly affect the meaning and quality of the content,” says Pablo Haya, researcher. of the Computer Linguistics Laboratory of the Autonomous University of Madrid (UAM) in statements to the SMC. Currently, systems to detect whether a document has been generated by AI have low success rates, so technologies that facilitate the identification of authorship are very necessary, he explains.
To understand how these watermarks work, Haya gives an example. If the model had produced the following sentence: The report shows that the market has seen significant growth during the last quartersays, the watermarking algorithm would generate an equivalent phrase, but choosing a series of words that, without modifying the meaning, follow a statistical relationship known to the algorithm: The report indicates that the market has made notable progress during the last quarter. “In this example, the appearance in the same sentence of these four words, ‘report’, ‘indicates’, ‘advance’, ‘notable’, and no others, is unlikely in the case of an LLM, and highly probable if has used the watermarking algorithm,” he explains to SMC.
Mikel Galar, AI expert at the Public University of Navarra (UPNA), remembers that this study is based on other previous works. “The results seem convincing and say that the system is already implemented in Gemini and Gemini advanced”, he highlights. “I think it would be important for your users to know this, because they may not have an interest in using a system that is easily detectable.”
These types of techniques are vulnerable to text modifications or rewriting by other models, so their practical usefulness remains to be seen.
Mikel Galar,
— AI expert from the Public University of Navarra (UPNA)
According to the results, recalls Galar, for short texts (100 tokens, 60-70 words) the detection is 50%, although with very few false positives (1%), and increases to 80% when we reach 400 tokens ( about 300 words). “Although it is a step forward, the limitations of this work are clear and stated by the authors: there are many open implementations on the Internet that are not going to include it,” he emphasizes. “In addition, these types of techniques are vulnerable to text modifications or rewriting by other models, so their practical usefulness remains to be seen. “Someone with knowledge could slightly modify the text reducing the detection capacity.”
#Goodbye #cheating #ChatGPT #develop #watermarks #detect #texts #generated
