The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)

Privacy and Security for Stable Diffusion and LLMs with Nicholas Carlini - #618

Feb 27, 2023
In this discussion, Nicholas Carlini, a research scientist at Google Brain known for his work at the intersection of machine learning and computer security, digs into pressing issues of privacy and security in AI. He explores the vulnerabilities of large models such as Stable Diffusion, particularly the risks of training-data extraction and adversarial attacks. The conversation also covers model memorization versus generalization, with surprising findings on how these models treat their training data. Carlini also discusses data poisoning and what it means for safeguarding model integrity.
ANECDOTE

Carlini's Transition to ML Security

  • Nicholas Carlini initially focused on traditional computer security research, including hardware exploits.
  • His shift to machine learning security was prompted by a search for open research problems during his PhD.
INSIGHT

Early ML Security Research

  • Early machine learning security research replicated existing security techniques.
  • Carlini's early work involved breaking proposed defenses against adversarial examples, such as defensive distillation.
INSIGHT

Shift from Adversarial Examples

  • Research on adversarial examples has slowed because the problem is hard, not because it has been solved.
  • Researchers have shifted to more tractable security and privacy problems, where the threat is clearer and progress is easier to measure.