You are viewing a single comment's thread from:

RE: Was this post WRITTEN BY MACHINE? New Harvard AI Can Recognize That

in #technology5 years ago (edited)

In terms of text generation, there was the recent situation with GPT2 where the researchers held back part of their model for fear it was too good.
Detection is always an arms race though. If someone deploys an AI to detect generated text, then it can become a target for adversarial attacks. In situations where there is immediate reward for getting generated text through and limited long term consequences for being caught then an adversarial attack on a detector AI only needs to be relevant for a short term. I've posted about this before in regard to Steem. I've also mentioned in regard to AI dApp projects ... if your detector AI is running where the public has cheap access to it, then it will easily be overwhelmed by an adversarial attack.
One potential solution is to put the detector AI behind a paid API - a penny or two per detection request might be sufficient to raise the cost of adversarial probing to the point most attackers won't bother. There are other countermeasures an API could take but they are not fool proof.
As an aside, adversarial attacks aren't anything particularly special in AI. One approach to creating generators is to have it compete against a detector (the adversary) in an approach called GAN Generative Adversarial Network.
An an amusing annecdote: some years back a colleague and I annoyed somebody at a trade fair by adversarially attacking their face detection/tracking system. We managed to fool it with two circles and a line hand drawn on piece paper. Systems are much better now, but will still have vulnerabilities.

5 years ago in #technology by
$0.08
  • Past Payouts $0.08, 0.00 TRX
  • - Author $0.06, 0.00 TRX
  • - Curators $0.02, 0.00 TRX
5 votes
Reply 8
Sort:  
  • Trending
    • [-]
     5 years ago 

    Thank you for sharing your opinion @eturnerx. I appreciate it a lot :)

    One potential solution is to put the detector AI behind a paid API - a penny or two per detection request might be sufficient to raise the cost of adversarial probing to the point most attackers won't bother.

    I totally agree with you, but I suppose GLTR is rather an experiment than a serious tool. As I mentioned, it only increases a chance to spot the fake text, and I believe that in about 6-12 months machine-generated texts will be so advanced that GLTR will become helpless. And unfortunately I see no space for further development and improvements of this tool.

    An an amusing annecdote: some years back a colleague and I annoyed somebody at a trade fair by adversarially attacking their face detection/tracking system. We managed to fool it with two circles and a line hand drawn on piece paper. Systems are much better now, but will still have vulnerabilities.

    That's really interesting. As far as I know, till the premiere of iPhone X face recognition systems were generally easy to trick with a photo. Ultimately Apple introduced their special sensor able to recognize face in 3 dimensions, thus becoming resistant to the images. However I think you can still convince it by using some precise mask.

    $0.03
    • Past Payouts $0.03, 0.00 TRX
    • - Author $0.02, 0.00 TRX
    • - Curators $0.01, 0.00 TRX
    2 votes
    Reply
    [-]
     5 years ago 

    I believe that in about 6-12 months machine-generated texts will be so advanced that GLTR will become helpless. And unfortunately I see no space for further development and improvements of this tool.

    I think it's an arms race. While GLTR might not be the best detector in future, something else will be.

    $0.00
      Reply
      [-]
       5 years ago 

      While GLTR might not be the best detector in future, something else will be.

      I agree, but the concept of this tool will have to be reworked.

      $0.00
        Reply

        Coin Marketplace

        STEEM 0.30
        TRX 0.12
        JST 0.033
        BTC 63955.40
        ETH 3139.68
        USDT 1.00
        SBD 3.87