US20240242128
2024-07-18
Physics
G06N20/00
Immutable watermarking serves as a method for authenticating and verifying outputs generated by artificial intelligence (AI) systems. The proposed system involves a processor that receives content from two devices: one producing AI-generated content and the other acting as a verification source. By extracting a globally unique identifier (GUID) from a digital signature associated with the AI output, the system can confirm the authenticity of the content against a shared registry of machine learning (ML) models.
As AI and machine learning technologies advance, they face numerous adversarial threats, including model extraction, poisoning, inversion, and evasion attacks. These vulnerabilities can compromise both the integrity of the models and the data they generate. The reliance on traditional algorithmic methods for threat detection is increasingly inadequate, necessitating more robust security measures to ensure trustworthy AI outputs.
Historically, attempts to address data origin traceability issues have included restricting the publication of AI-generated outputs and embedding watermarks in training data. However, these methods often introduce distortions that can alter model performance or are impractical for widespread industrial use due to high costs and operational complexity.
The current approach introduces an immutable watermarking system that uses GUIDs to authenticate AI-generated content. By binding the content data to a GUID, the system ensures traceability and verifies the source of the generated outputs. Essential components of this system are trusted entities acting as senders and verifiers, together with a shared AI registry that facilitates secure interactions between content generation and consumption platforms.
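As an added illustration (not code from the patent), the sender/verifier/registry flow described above, reduced to its core: the sender attaches a GUID plus a signature to the output, and the verifier extracts the GUID, looks the model up in the shared registry, and checks the signature. All GUIDs, keys and model names are constructed placeholders; an HMAC stands in for the digital signature so the example runs on the standard library alone, whereas a real registry would hold only public keys and use an asymmetric signature.

```python
import hashlib
import hmac

# Constructed shared AI registry: model GUID -> registered model entry.
# The key here is a hypothetical placeholder, not a real secret.
MODEL_GUID = "3f2a1b4c-8d9e-4f10-a1b2-c3d4e5f60718"
AI_REGISTRY = {
    MODEL_GUID: {"model": "example-text-model-v1", "key": b"placeholder-registry-key"},
}


def _tag(key, guid, digest):
    # Signature over GUID and content digest; HMAC stands in for a public-key signature.
    return hmac.new(key, f"{guid}|{digest}".encode(), hashlib.sha256).hexdigest()


def sign_output(model_guid, content, registry):
    """Sender side: wrap AI output in an immutable watermark (GUID + signature)."""
    digest = hashlib.sha256(content.encode()).hexdigest()
    tag = _tag(registry[model_guid]["key"], model_guid, digest)
    return {"content": content,
            "signature": {"guid": model_guid, "content_sha256": digest, "tag": tag}}


def extract_guid(signed):
    """Pull the GUID out of the digital-signature envelope."""
    return signed["signature"]["guid"]


def verify_output(signed, registry):
    """Verifier side: GUID -> registry lookup -> signature check.

    Returns (True, model_name) on success, (False, reason) otherwise.
    """
    sig = signed["signature"]
    entry = registry.get(extract_guid(signed))
    if entry is None:
        return (False, "unknown GUID: not in shared registry")
    digest = hashlib.sha256(signed["content"].encode()).hexdigest()
    if digest != sig["content_sha256"]:
        return (False, "content digest mismatch: output altered after signing")
    expected = _tag(entry["key"], sig["guid"], digest)
    if not hmac.compare_digest(expected, sig["tag"]):
        return (False, "signature tag invalid: not produced by the registered model")
    return (True, entry["model"])
```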
The architecture comprises interconnected platforms for generating and consuming content, supported by a shared registry. These platforms can range from desktop systems to mobile devices and even self-driving vehicles. Each platform is equipped with processors capable of executing ML models, ensuring efficient processing for both training and inference while maintaining security through immutable watermarking.