Google's AI Watermarks Will Identify Deepfakes
The SynthID line of watermarking techniques can be used to identify images, video, and text generated by artificial intelligence.
May 15, 2024
Google made a number of AI-related announcements at the Google I/O developer conference this week, including stronger security measures in its artificial intelligence models to clamp down on the spread of misinformation via deepfakes and problematic outputs.
The company expanded its SynthID line of watermarking technologies to enable the insertion of invisible watermarks on AI-generated video and text. This way, content can be traced back to its original source. SynthID already applies watermarks to AI-generated images and audio.
"We are ... developing new tools to prevent the misuse of our models," said James Manyika, senior vice president at Google, at Google I/O.
Watermarking AI-generated content is gaining in importance as AI is increasingly used to create many types of content. Deepfake video and audio have already been used to spread misinformation and to carry out business email compromise.
Google also announced two new AI models at I/O — Veo, which generates realistic videos, and Imagen 3, which generates lifelike images. The new watermarking techniques will be implemented in both models to easily identify fakes and prevent the spread of misinformation, Manyika said. For example, all videos generated by Veo on VideoFX will be watermarked by SynthID.
"We're doing a lot of research in this area, including the potential for harm and misuse," Manyika said.
With SynthID watermarking, the AI model embeds an invisible statistical pattern in its generated output, such as a block of text. A scoring system then measures how strongly that pattern is present to determine whether the text was AI-generated or came from another source. Google is open-sourcing SynthID text watermarking so other vendors can adopt it.
"SynthID for text watermarking works best when a language model generates longer responses, and in diverse ways — like when it’s prompted to generate an essay, a theater script or variations on an email," Google wrote in a blog post.
At I/O, the company also noted how it is protecting its AI models with AI-assisted red-teaming techniques: AI agents are trained to compete with each other to improve and expand their red-teaming capabilities. The primary goal behind this adversarial technique is to reduce problematic outputs.
"We test our own models and try to break them by identifying weaknesses," Manyika said. "Building AI responsibility means both addressing the risks and maximizing the benefits of people and society."