Toward Accountable AI-Generated Content on Social Platforms: Steganographic Attribution and Multimodal Harm Detection

Researchers propose a steganography-based attribution framework that embeds cryptographic identifiers into AI-generated images to combat harmful misuse on social platforms. The system combines watermarking techniques with CLIP-based multimodal detection to achieve 0.99 AUC-ROC performance, enabling reliable forensic tracing of synthetic media used in misinformation campaigns.

The proliferation of generative AI has created a critical gap in content moderation infrastructure. While AI-generated images themselves can be benign, pairing them with misleading or harmful text creates contextual misuse that traditional moderation frameworks struggle to detect and attribute. Unlike photos from physical devices, synthetic images lack persistent metadata or hardware signatures, making attribution nearly impossible under current systems. This research addresses a genuine enforcement challenge: platforms cannot effectively hold creators accountable for AI-generated disinformation without reliable identification mechanisms.

The proposed solution uses steganographic watermarking embedded at image creation—essentially invisible digital signatures cryptographically tied to the source. Testing five watermarking approaches, the researchers found spread-spectrum techniques in the wavelet domain offer optimal robustness against common distortions like blur, which adversaries might apply to evade detection. The integration of CLIP-based multimodal fusion represents the critical innovation: rather than constantly watermark-checking all synthetic content, the system only triggers attribution verification when harmful context is detected, reducing computational overhead while improving precision.

For platform operators and regulators, this framework offers scalable accountability mechanisms that don't require removing synthetic media outright. The 0.99 AUC-ROC performance suggests practical deployment viability. However, effectiveness depends on adoption at the generation stage—watermarking must occur during model inference, requiring cooperation from AI tool developers. Adversaries could also develop removal techniques or use pre-watermarked images. This creates an ongoing technical arms race rather than a permanent solution, particularly as watermarking methods become public knowledge through the open-sourced GitHub repository.

• →Steganographic watermarking in the wavelet domain provides robust attribution of AI-generated images even under distortion attacks
• →Multimodal CLIP-based detection achieves 0.99 AUC-ROC, enabling reliable cross-modal harmful-content identification
• →The framework only verifies attribution when harmful content is detected, reducing computational overhead compared to universal watermarking checks
• →Effectiveness requires watermarking at generation time, necessitating cooperation from AI model developers and tool platforms
• →Open-sourcing the code accelerates both adoption and adversarial watermark-removal research