The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)

Coercing LLMs to Do and Reveal (Almost) Anything with Jonas Geiping - #678

Apr 1, 2024

Jonas Geiping, a research group leader at the ELLIS Institute and Max Planck Institute, sheds light on his groundbreaking work on coercing large language models (LLMs). He discusses the alarming potential for LLMs to engage in harmful actions when misused. The conversation dives into the evolving landscape of AI security, exploring adversarial attacks and the significance of open models for research. They also touch on the complexities of input optimization and the balance between safeguarding models while maintaining their functionality.

48:27

Creator website

Episode guests

Jonas Geiping

AI Summary

Highlights

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Understanding the risks of deploying LLM agents in real-world interactions is crucial due to their vulnerability to coercion and unintended actions.

The interchangeability of attacks across models highlights the need for robust defense strategies that transcend model sources and attack methods.

The evolving landscape of LLM security necessitates a multifaceted approach involving heuristic methods, guard models, and ongoing research into optimization algorithms.

Deep dives

Research Origins and Importance of LLM Security

The podcast episode delves into the origins of research into large language model (LLM) security. It highlights the evolving landscape from previous work restricted to image attacks to the emergence of attacks on language models. Notably, developments like Ennizo's attack broadened the field, leading to a surge of related attacks. This shift underscores the current pivotal space of debating attack reliability and speed of execution.

Optimizing with Hybrid Strategies

01:38

Caution in Implementing LLMs in Agentic Systems

01:14

Minimizing Attack Surface and Using Guardrails for Model Output

01:07

The Power of Invisible Character Attacks in Persuading Models

00:48

Intro

2min

Security Concerns of Agentic LLMs in Real-World Applications

4min

Exploring Vulnerabilities in Language Models

14min

Exploring Text Input Optimization and Variability in Outputs

2min

Advancing Hyperparameter Optimization

5min

Safeguarding Language Models: Balancing Security and Functionality

12min

Optimizing Constraints in Language Models

9min

Today we're joined by Jonas Geiping, a research group leader at the ELLIS Institute, to explore his paper: "Coercing LLMs to Do and Reveal (Almost) Anything". Jonas explains how neural networks can be exploited, highlighting the risk of deploying LLM agents that interact with the real world. We discuss the role of open models in enabling security research, the challenges of optimizing over certain constraints, and the ongoing difficulties in achieving robustness in neural networks. Finally, we delve into the future of AI security, and the need for a better approach to mitigate the risks posed by optimized adversarial attacks.

The complete show notes for this episode can be found at twimlai.com/go/678.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)

Coercing LLMs to Do and Reveal (Almost) Anything with Jonas Geiping - #678

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Research Origins and Importance of LLM Security

Security Implications and Future Outlook

Adversarial Attacks and Open Source Models

Defense Strategies and Optimizations

Future Adventures in LLM Security

The Intersection of Social Engineering and Technical Attacks

Optimizing with Hybrid Strategies

Caution in Implementing LLMs in Agentic Systems

Minimizing Attack Surface and Using Guardrails for Model Output

The Power of Invisible Character Attacks in Persuading Models

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)

Coercing LLMs to Do and Reveal (Almost) Anything with Jonas Geiping - #678

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Research Origins and Importance of LLM Security

Security Implications and Future Outlook

Adversarial Attacks and Open Source Models

Defense Strategies and Optimizations

Future Adventures in LLM Security

The Intersection of Social Engineering and Technical Attacks

Optimizing with Hybrid Strategies

Caution in Implementing LLMs in Agentic Systems

Minimizing Attack Surface and Using Guardrails for Model Output

The Power of Invisible Character Attacks in Persuading Models

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights