Can LLMs get help from other LLMs without revealing private information?

Prentice Hall

Social learning theory, volume 1

Albert Bandura, Richard H Walters

Published: 1977

OpenAI Technical Report

Language models are few-shot learners

T. B. Brown, B. Mann, N. Ryder, M. Subbiah, J. Kaplan, P. Dhariwal, A. Neelakantan, P. Shyam, G. Sastry, A. Askell, S. Agarwal, A. Herbert-Voss, G. Krueger, T. Henighan, R. Child, A. Ramesh, D. M. Ziegler, J. Wu, C. Winter, C. Hesse, M. Chen, E. Sigler, M. Litwin, S. Gray, B. Chess, J. Clark, C. Berner, S. McCandlish, A. Radford, I. Sutskever, D. Amodei

Published: 2020

Frugalgpt: How to use large language models while reducing cost and improving performance

Lingjiao Chen, Matei Zaharia, James Zou

Published: 2023

Training verifiers to solve math word problems

Karl Cobbe, Vineet Kosaraju, Mohammad Bavarian, Mark Chen, Heewoo Jun, Lukasz Kaiser, Matthias Plappert, Jerry Tworek, Jacob Hilton, Reiichiro Nakano, Christopher Hesse, John Schulman

Published: 2021

Senteval: An evaluation toolkit for universal sentence representations

Alexis Conneau, Douwe Kiela

Published: 2018

Springer

Differential privacy

Cynthia Dwork

Published: 2006

Proc of SIGMOD-SIGACT-SIGART

Limiting privacy breaches in privacy preserving data mining

A. Evfimievski, J. Gehrke, R. Srikant

Published: 2003

Gemini: A Family of Highly Capable Multimodal Models

Google DeepMind

Published: 2024

Training compute-optimal large language models

J. Hoffmann, S. Borgeaud, A. Mensch, E. Buchatskaya, T. Cai, E. Rutherford, D. de Las Casas, L. A. Hendricks, J. Welbl, A. Clark, T. Hennigan, E. Noland, K. Millican, G. van den Driessche, B. Damoc, A. Guy, S. Osindero, K. Simonyan, E. Elsen, J. W. Rae, O. Vinyals, L. Sifre

Published: 2022

SIAM Journal on Computing

What can we learn privately?

Shiva Prasad Kasiviswanathan, Homin K Lee, Kobbi Nissim, Sofya Raskhodnikova, Adam Smith

Published: 2011

Rlaif: Scaling reinforcement learning from human feedback with ai feedback

H. Lee, S. Phatale, H. Mansoor, T. Mesnard, J. Ferret, K. Lu, C. Bishop, E. Hall, V. Carbune, A. Rastogi, S. Prakash

Published: 2023

Cascadebert: Accelerating inference of pre-trained language models via calibrated complete models cascade

Lei Li, Yankai Lin, Deli Chen, Shuhuai Ren, Peng Li, Jie Zhou, Xu Sun

Published: 2021

Proceedings of the 59th Annual Meeting of the Association for Computational Linguistics and the 11th International Joint Conference on Natural Language Processing (Volume 1: Long Papers)

Anonymisation Models for Text Data: State of the art, Challenges and Future Directions

Pierre Lison, Ildikó Pilán, David Sanchez, Montserrat Batet, Lilja Øvrelid

Published: 2021

arxiv

被引用数 18

Prompt Injection attack against LLM-integrated Applications

Yi Liu, Gelei Deng, Yuekang Li, Kailong Wang, Zihao Wang, Xiaofeng Wang, Tianwei Zhang, Yepang Liu, Haoyu Wang, Yan Zheng, Yang Liu

Published: 2023.6.9

Large Language Models (LLMs), renowned for their superior proficiency in language comprehension and generation, stimulate a vibrant ecosystem of applications around them. However, their extensive assimilation into various services introduces significant security risks. This study deconstructs the complexities and implications of prompt injection attacks on actual LLM-integrated applications. Initially, we conduct an exploratory analysis on ten commercial applications, highlighting the constraints of current attack strategies in practice. Prompted by these limitations, we subsequently formulate HouYi, a novel black-box prompt injection attack technique, which draws inspiration from traditional web injection attacks. HouYi is compartmentalized into three crucial elements: a seamlessly-incorporated pre-constructed prompt, an injection prompt inducing context partition, and a malicious payload designed to fulfill the attack objectives. Leveraging HouYi, we unveil previously unknown and severe attack outcomes, such as unrestricted arbitrary LLM usage and uncomplicated application prompt theft. We deploy HouYi on 36 actual LLM-integrated applications and discern 31 applications susceptible to prompt injection. 10 vendors have validated our discoveries, including Notion, which has the potential to impact millions of users. Our investigation illuminates both the possible risks of prompt injection attacks and the possible tactics for mitigation.

プロンプトインジェクション悪意のあるプロンプト

Towards efficient generative large language model serving: A survey from algorithms to systems

Xupeng Miao, Gabriele Oliaro, Zhihao Zhang, Xinhao Cheng, Hongyi Jin, Tianqi Chen, Zhihao Jia

Published: 2023

Social learning: Towards collaborative learning with large language models

Amirkeivan Mohtashami, Florian Hartmann, Sian Gooding, Lukas Zilka, Matt Sharifi

Published: 2023

2008 IEEE Symposium on Security and Privacy (sp 2008)

Robust de-anonymization of large sparse datasets

Arvind Narayanan, Vitaly Shmatikov

Published: 2008

Washington Law Review

Privacy as contextual integrity

Helen Nissenbaum

Published: 2004

GPT-4 Technical Report

OpenAI

Published: 2023

Are emergent abilities of large language models a mirage?

R. Schaeffer, B. Miranda, S. Koyejo

Published: 2023

Bleurt: Learning robust metrics for text generation

T. Sellam, D. Das, A. P. Parikh

International Conference on Machine Learning

Synthetic prompting: Generating chain-of-thought demonstrations for large language models

Zhihong Shao, Yeyun Gong, Yelong Shen, Minlie Huang, Nan Duan, Weizhu Chen

Published: 2023

Beyond the imitation game: Quantifying and extrapolating the capabilities of language models

A. Srivastava, A. Rastogi, A. Rao, et al.

Published: 2023

International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems

k-anonymity: A model for protecting privacy

L. Sweeney

Published: 2002

The tatoeba translation challenge–realistic data sets for low resource and multilingual mt

IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP)

Recovering from Privacy-Preserving Masking with Large Language Models

Arpita Vats, Zhe Liu, Peng Su, Debjyoti Paul, Yingyi Ma, Yutong Pang, Zeeshan Ahmed, Ozlem Kalinli

Published: 2023.9.13

Model adaptation is crucial to handle the discrepancy between proxy training data and actual users data received. To effectively perform adaptation, textual data of users is typically stored on servers or their local devices, where downstream natural language processing (NLP) models can be directly trained using such in-domain data. However, this might raise privacy and security concerns due to the extra risks of exposing user information to adversaries. Replacing identifying information in textual data with a generic marker has been recently explored. In this work, we leverage large language models (LLMs) to suggest substitutes of masked tokens and have their effectiveness evaluated on downstream language modeling tasks. Specifically, we propose multiple pre-trained and fine-tuned LLM-based approaches and perform empirical studies on various datasets for the comparison of these methods. Experimental results show that models trained on the obfuscation corpora are able to achieve comparable performance with the ones trained on the original data without privacy-preserving token masking.

プライバシー手法 LLM性能評価データ保護手法

Self-instruct: Aligning language models with self-generated instructions

Wang, Y., Kordi, Y., Mishra, S., Liu, A., Smith, N. A., Khashabi, D., Hajishirzi, H.

Published: 2022

Journal of the American Statistical Association

Randomized response: a survey technique for eliminating evasive answer bias

Warner, S. L.

Published: 1965

The Twelfth International Conference on Learning Representations

Privacy-preserving in-context learning for large language models

Tong Wu, Ashwinee Panda, Jiachen T Wang, Prateek Mittal

Published: 2023

Large language model cascades with mixture of thoughts representations for cost-efficient reasoning

Murong Yue, Jie Zhao, Min Zhang, Liang Du, Ziyu Yao

Published: 2024