Search Results for author:
Found 35 papers, 14 papers with code
Instance-hiding Schemes for Private Distributed Learning
The new ideas in the current paper are: (a) new variants of mixup with negative as well as positive coefficients, and extend the sample-wise mixup to be pixel-wise.
MATH-Perturb: Benchmarking LLMs' Math Reasoning Abilities against Hard Perturbations
This issue is amplified when using original problems for in-context learning.
Scaling Laws for Differentially Private Language Models
Scaling laws have emerged as important components of large language model (LLM) training as they can predict performance gains through scale, and provide guidance on important hyper-parameter choices that would otherwise be expensive.
Exploring and Mitigating Adversarial Manipulation of Voting-Based Leaderboards
Our attack consists of two steps: first, we show how an attacker can determine which model was used to generate a given reply with more than $95\%$ accuracy; and then, the attacker can use this information to consistently vote for (or against) a target model.
On Evaluating the Durability of Safeguards for Open-Weight LLMs
Through several case studies, we demonstrate that even evaluating these defenses is exceedingly difficult and can easily mislead audiences into thinking that safeguards are more durable than they really are.
Machine Unlearning Doesn't Do What You Think: Lessons for Generative AI Policy, Research, and Practice
We articulate fundamental mismatches between technical methods for machine unlearning in Generative AI, and documented aspirations for broader impact that these methods could have for law and policy.
On Memorization of Large Language Models in Logical Reasoning
In this paper, we systematically investigate this hypothesis with a quantitative measurement of memorization in reasoning tasks, using a dynamically generated logical reasoning benchmark based on Knights and Knaves (K&K) puzzles.
An Adversarial Perspective on Machine Unlearning for AI Safety
Large language models are finetuned to refuse questions about hazardous knowledge, but these protections can often be bypassed.
ConceptMix: A Compositional Image Generation Benchmark with Controllable Difficulty
Compositionality is a critical capability in Text-to-Image (T2I) models, as it reflects their ability to understand and combine multiple concepts from text descriptions.
The Future of Open Human Feedback
In this work, we bring together interdisciplinary experts to assess the opportunities and challenges to realizing an open ecosystem of human feedback for AI.
MUSE: Machine Unlearning Six-Way Evaluation for Language Models
Data owners may request the removal of their data from a trained model due to privacy or copyright concerns.
Evaluating Copyright Takedown Methods for Language Models
Language models (LMs) derive their capabilities from extensive training on diverse data, including potentially copyrighted material.
Crosslingual Capabilities and Knowledge Barriers in Multilingual Large Language Models
Large language models (LLMs) are typically multilingual due to pretraining on diverse multilingual corpora.
Mind the Privacy Unit! User-Level Differential Privacy for Language Model Fine-Tuning
Large language models (LLMs) have emerged as powerful tools for tackling complex tasks across diverse domains, but they also raise privacy concerns when fine-tuned on sensitive data due to potential memorization.
SORRY-Bench: Systematically Evaluating Large Language Model Safety Refusal Behaviors
First, existing methods often use coarse-grained taxonomies of unsafe topics, and are over-representing some fine-grained topics.
Fantastic Copyrighted Beasts and How (Not) to Generate Them
We show that state-of-the-art image and video generation models can still generate characters even if characters' names are not explicitly mentioned, sometimes with only two generic keywords (e. g., prompting with "videogame, plumber" consistently generates Nintendo's Mario character).
AI Risk Management Should Incorporate Both Safety and Security
The exposure of security vulnerabilities in safety-aligned language models, e. g., susceptibility to adversarial attacks, has shed light on the intricate interplay between AI safety and AI security.
A Safe Harbor for AI Evaluation and Red Teaming
Independent evaluation and red teaming are critical for identifying the risks posed by generative AI systems.
Assessing the Brittleness of Safety Alignment via Pruning and Low-Rank Modifications
We develop methods to identify critical regions that are vital for safety guardrails, and that are disentangled from utility-relevant regions at both the neuron and rank levels.
Detecting Pretraining Data from Large Language Models
Min-K% Prob can be applied without any knowledge about the pretraining corpus or any additional training, departing from previous detection methods that require training a reference model on data that is similar to the pretraining data.
Catastrophic Jailbreak of Open-source LLMs via Exploiting Generation
Finally, we propose an effective alignment method that explores diverse generation strategies, which can reasonably reduce the misalignment rate under our attack.
Learning across Data Owners with Joint Differential Privacy
In this paper, we study the setting in which data owners train machine learning models collaboratively under a privacy notion called joint differential privacy [Kearns et al., 2018].
Privacy Implications of Retrieval-Based Language Models
Crucially, we find that $k$NN-LMs are more susceptible to leaking private information from their private datastore than parametric models.
GMValuator: Similarity-based Data Valuation for Generative Models
Specifically, we introduce Generative Model Valuator (GMValuator), the first training-free and model-agnostic approach to provide data valuation for generation tasks.
$k$NN-Adapter: Efficient Domain Adaptation for Black-Box Language Models
Fine-tuning a language model on a new domain is standard practice for domain adaptation.
Recovering Private Text in Federated Learning of Language Models
For the first time, we show the feasibility of recovering text from large batch sizes of up to 128 sentences.
Evaluating Gradient Inversion Attacks and Defenses in Federated Learning
Gradient inversion attack (or input recovery from gradient) is an emerging threat to the security and privacy preservation of Federated learning, whereby malicious eavesdroppers or participants in the protocol can recover (partially) the clients' private data.
EMA: Auditing Data Removal from Trained Models
In this paper, we propose a new method called Ensembled Membership Auditing (EMA) for auditing data removal to overcome these limitations.
IFGAN: Missing Value Imputation using Feature-specific Generative Adversarial Networks
Missing value imputation is a challenging and well-researched topic in data mining.
MixCon: Adjusting the Separability of Data Representations for Harder Data Recovery
To address the issue that deep neural networks (DNNs) are vulnerable to model inversion attacks, we design an objective function, which adjusts the separability of the hidden data representations, as a way to control the trade-off between data utility and vulnerability to inversion attacks.
TextHide: Tackling Data Privacy in Language Understanding Tasks
In addition, TextHide fits well with the popular framework of fine-tuning pre-trained language models (e. g., BERT) for any sentence or sentence-pair task.
InstaHide: Instance-hiding Schemes for Private Distributed Learning
This paper introduces InstaHide, a simple encryption of training images, which can be plugged into existing distributed deep learning pipelines.
Deep Learning Based Detection and Localization of Intracranial Aneurysms in Computed Tomography Angiography
Purpose: To develop CADIA, a supervised deep learning model based on a region proposal network coupled with a false-positive reduction module for the detection and localization of intracranial aneurysms (IA) from computed tomography angiography (CTA), and to assess our model's performance to a similar detection network.
Privacy-preserving Learning via Deep Net Pruning
This paper attempts to answer the question whether neural network pruning can be used as a tool to achieve differential privacy without losing much data utility.
Deep Q Learning Driven CT Pancreas Segmentation with Geometry-Aware U-Net
Segmentation of pancreas is important for medical image analysis, yet it faces great challenges of class imbalance, background distractions and non-rigid geometrical features.
