Source: Understanding prompt injections: a frontier security challenge. OpenAI
LLMs are also protected content
Artificial Intelligence
Software
C++
Machine Learning
Structured (tabular) data
Deep Learning
Computer Vision
Deeper Learning
Large Language Models
Deeperer Learning
Agents
Artificial Intelligence Progress
Kiela, Douwe, et al. "Dynabench: Rethinking benchmarking in NLP." Proceedings of the 2021 conference of the North American chapter of the Association for Computational Linguistics
Hiding
Steganography
Steganography
👩 Alice wants to send Bob 👦 a secret message
She hides it inside a normal-looking image
Modern JPEG images are typically 3-4 MB
Alice's message is only a few KB
Hide in the noise
Least Significant Bit Steganography
Original
Significant Bit
Bit Plane
Hide in the Bit Plane
Character Embedding Demo
Cover
Bit Plane
Character
Stego
Stego Bit Plane
Hide in the noise
Content Adaptive Steganography
Cover
Kernel
Convolved
Hide in the noise
Content Adaptive Steganography
Steganography Demo
Detecting
Steganalysis
Steganalysis
🔍 Eve intercepts the communication
Under Kerckhoffs's principle, she knows the system but not the key
She tries to determine if the image contains a hidden message or not (binary classification)
Detect in the noise
Boroumand, Mehdi, Mo Chen, and Jessica Fridrich. "Deep residual network for steganalysis of digital images." IEEE Transactions on Information Forensics and Security 14.5 (2018)
Detect in the noise
Outputs of Layer 7 from SRNet visualized as grayscale images.
Yousfi, Yassine. "Deep Learning for Image Steganography and Steganalysis: Challenges, Advances, and Opportunities." State University of New York at Binghamton, 2022.
Source Mismatch
Detectors are sensitive to:
cover source mismatch: different cameras, processing pipeline, image sizes, etc.
stego source mismatch: different embedding algorithms, payload sizes, etc.
Source Mismatch
Giboulot, Quentin, et al. "Effects and solutions of cover-source mismatch in image steganalysis." Signal Processing: Image Communication 86 (2020)
Mechanistic Interpretability of Steganalysis Models
Examples of visible local traces of Steganography found using SRNet.
Yousfi, Yassine, Jan Butora, and Jessica Fridrich. "CNN steganalyzers leverage local embedding artifacts." 2021 IEEE International Workshop on Information Forensics and Security (WIFS). IEEE, 2021.
Mechanistic Interpretability of Steganalysis Models
Examples of visible local traces of Steganography found using SRNet.
Yousfi, Yassine, Jan Butora, and Jessica Fridrich. "CNN steganalyzers leverage local embedding artifacts." 2021 IEEE International Workshop on Information Forensics and Security (WIFS). IEEE, 2021.
Generative Steganography
Generator makes stego images that try to fool the discriminator
Discriminator tries to detect the stego images
Train minimax game
Can collapse, mode dropping, or fail to converge
Vibe (Agentic) Steganography
AUTO STEGO
Protecting
Watermarking
Watermarking
Source: Shutterstock lol
Watermarking
Watermarking
Boenisch, Franziska. "A systematic review on model watermarking for neural networks." Frontiers in Big Data 4 (2021).
