Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Hide and Seek: Fingerprinting Large Language Models with Evolutionary Learning

Dmitri Iourovitski, Sanat Sharma, Rakshak Talwar

TL;DR

This work reframes LLM fingerprinting as a black-box attribution problem under the Semantic Manifold Hypothesis (SMH), proposing an evolutionary in-context learning loop with an Auditor and a Detective to uncover discriminative prompts that reveal family-specific output patterns. Formally, SMH describes next-token generation as lying on a low-dimensional manifold $\mathcal{M}_s$, and the authors define objective prompts $\hat{P}$ and response subsets $\hat{S}$ to maximize $P(M_i = X|S_x)$ while minimizing overlap with alternatives. The methodology demonstrates a 72% accuracy in identifying LLM families and provides insights into prompt structure, cross-family differences, and the influence of model size on detectability, with detailed experimental scenarios and a roadmap for future extensions. The work advances model attribution, AI security, and transparency by showing how in-context optimization can surface salient model traits in a black-box setting, guiding future fingerprinting and verification tools.

Abstract

As content generated by Large Language Model (LLM) has grown exponentially, the ability to accurately identify and fingerprint such text has become increasingly crucial. In this work, we introduce a novel black-box approach for fingerprinting LLMs, achieving an impressive 72% accuracy in identifying the correct family of models (Such as Llama, Mistral, Gemma, etc) among a lineup of LLMs. We present an evolutionary strategy that leverages the capabilities of one LLM to discover the most salient features for identifying other LLMs. Our method employs a unique "Hide and Seek" algorithm, where an Auditor LLM generates discriminative prompts, and a Detective LLM analyzes the responses to fingerprint the target models. This approach not only demonstrates the feasibility of LLM-driven model identification but also reveals insights into the semantic manifolds of different LLM families. By iteratively refining prompts through in-context learning, our system uncovers subtle distinctions between model outputs, providing a powerful tool for LLM analysis and verification. This research opens new avenues for understanding LLM behavior and has significant implications for model attribution, security, and the broader field of AI transparency.

Hide and Seek: Fingerprinting Large Language Models with Evolutionary Learning

TL;DR

This work reframes LLM fingerprinting as a black-box attribution problem under the Semantic Manifold Hypothesis (SMH), proposing an evolutionary in-context learning loop with an Auditor and a Detective to uncover discriminative prompts that reveal family-specific output patterns. Formally, SMH describes next-token generation as lying on a low-dimensional manifold , and the authors define objective prompts and response subsets to maximize while minimizing overlap with alternatives. The methodology demonstrates a 72% accuracy in identifying LLM families and provides insights into prompt structure, cross-family differences, and the influence of model size on detectability, with detailed experimental scenarios and a roadmap for future extensions. The work advances model attribution, AI security, and transparency by showing how in-context optimization can surface salient model traits in a black-box setting, guiding future fingerprinting and verification tools.

Abstract

As content generated by Large Language Model (LLM) has grown exponentially, the ability to accurately identify and fingerprint such text has become increasingly crucial. In this work, we introduce a novel black-box approach for fingerprinting LLMs, achieving an impressive 72% accuracy in identifying the correct family of models (Such as Llama, Mistral, Gemma, etc) among a lineup of LLMs. We present an evolutionary strategy that leverages the capabilities of one LLM to discover the most salient features for identifying other LLMs. Our method employs a unique "Hide and Seek" algorithm, where an Auditor LLM generates discriminative prompts, and a Detective LLM analyzes the responses to fingerprint the target models. This approach not only demonstrates the feasibility of LLM-driven model identification but also reveals insights into the semantic manifolds of different LLM families. By iteratively refining prompts through in-context learning, our system uncovers subtle distinctions between model outputs, providing a powerful tool for LLM analysis and verification. This research opens new avenues for understanding LLM behavior and has significant implications for model attribution, security, and the broader field of AI transparency.
Paper Structure (46 sections, 7 equations, 2 figures)

This paper contains 46 sections, 7 equations, 2 figures.

Table of Contents

  1. Introduction
  2. Semantic Manifold Hypothesis
  3. Background
  4. Formulation
  5. Model definition under SMH
  6. Formal Definition
  7. Real World considerations of crafting $\hat{P}$ and $\hat{S}$
  8. Intractable Response Exploration
  9. Ambiguity in Feature Space S
  10. Stochastic Nature of Generative Responses
  11. A Game of Hide and Seek - Uncovering the Latent Manifold
  12. Overview
  13. Methodology
  14. Auditor
  15. Detective
  16. ...and 31 more sections

Figures (2)

  • Figure 1: Hide and Seek is an evolutionary algorithm that aims to uncover the hidden semantic manifold of LLMs. The Auditor is tasked with generating "adversarial" prompts that elicit unique responses from the models under test. The responses are then passed to an LLM evaluator which tries to predict the 2 models in the test set that are similar to each other. The model outputs and evaluator correctness is passed back to the auditor to refine the prompt.
  • Figure 2: Violin plots showing the accuracy distribution for each LLM family.