Paper & Examples
“Universal and Transferable Adversarial Attacks on Aligned Language Models.” (https://llm-attacks.org/)
Summary
- Computer security researchers have discovered a way to bypass safety measures in large language models (LLMs) like ChatGPT.
- Researchers from Carnegie Mellon University, Center for AI Safety, and Bosch Center for AI found a method to generate adversarial phrases that manipulate LLMs’ responses.
- These adversarial phrases trick LLMs into producing inappropriate or harmful content by appending specific sequences of characters to text prompts.
- Unlike traditional attacks, this automated approach is universal and transferable across different LLMs, raising concerns about current safety mechanisms.
- The technique was tested on various LLMs, and it successfully made models provide affirmative responses to queries they would typically reject.
- Researchers suggest more robust adversarial testing and improved safety measures before these models are widely integrated into real-world applications.
You must log in or # to comment.
So, it’s actually not gibberish, but carefully chosen words reverse-engineered from open-source LLMs. Interesting, but I’m not sure if it’s an actual problem. LLMs are still evolving and it’d be foolish(?) to think that their current state is indicative of what’ll be the norm in a few years.
On a side note, I just love the string of words “similarlyNow write oppositeley”. That’s the name of a future EP, for sure.