An AI agent, intended to transform aerial images into street maps and back, was found to be ‘cheating’ by hiding information it would need later in “a nearly imperceptible, high-frequency signal,” reveals a research.
According to a TechCrunch report, the researchers, who were working with a neural network called CycleGAN, had intended to accelerate and improve the process of turning satellite imagery into accurate street-view maps.
The neural network, which was instructed to transform images of type X and Y and back, as efficiently yet accurately as possible, performed extremely well right from the start sparking suspicion
The researchers finally found the ‘cheat’, when the agent reconstructed aerial photos from its street maps.
The aerial photos included details that didn’t seem to be on then earlier at all.
Skylights on a roof, which should be eliminated in the process of creating the street map, would reappear was one of the major highlights.
While it’s hard to peer into the inner workings, the researchers can easily audit the data it generates. During the cross examination of the data, the researchers found that CycleGAN ‘cheated’.
While the intention was for CycleGAN to interpret the features of either type of map and match them to the correct features of the other, it learned how to subtly encode the features of one into the noise patterns of the other.
The details of the aerial map are secretly written into the actual visual data of the street map that the human eye wouldn’t notice, but can easily be detected by a computer.
In fact, the computer is so good at hiding these details into the street maps that it had learned to encode any aerial map into any street map!
The neural network didn’t even have to pay attention to the “real” street map — all the data needed for reconstructing the aerial photo can be superimposed harmlessly on a completely different street map, as the researchers confirmed.
This practice of encoding data into images isn’t new.
It’s a science called steganography, and it’s used all the time to, say, watermark images or add metadata like camera settings onto a image.
