De-mark: Watermark Removal in Large Language Models
This addresses the robustness of watermarking schemes for identifying AI-generated content, which is an incremental improvement in security and detection methods.
The paper tackles the problem of removing n-gram-based watermarks from machine-generated content in large language models, presenting De-mark, a framework that effectively removes watermarks as demonstrated in experiments on models like Llama3 and ChatGPT.
Watermarking techniques offer a promising way to identify machine-generated content via embedding covert information into the contents generated from language models (LMs). However, the robustness of the watermarking schemes has not been well explored. In this paper, we present De-mark, an advanced framework designed to remove n-gram-based watermarks effectively. Our method utilizes a novel querying strategy, termed random selection probing, which aids in assessing the strength of the watermark and identifying the red-green list within the n-gram watermark. Experiments on popular LMs, such as Llama3 and ChatGPT, demonstrate the efficiency and effectiveness of De-mark in watermark removal and exploitation tasks.