49 lines
5.3 KiB
Markdown
49 lines
5.3 KiB
Markdown
type:: [[Contact]]
|
||
page-type:: [[people]]
|
||
date:: [[21-09-2023]] - 11:51
|
||
name:: Muhammad Umar Zeshan
|
||
struttura:: [[DISIM]]
|
||
email:: muhammadumarzeshan@gmail.com
|
||
chat:: https://join.skype.com/DGd2k6eWIkxn
|
||
|
||
- ## PhD proposal and First Year Report Submission
|
||
email:: [http://s.diruscio.org/YfxeA](http://s.diruscio.org/YfxeA)
|
||
- 
|
||
- 
|
||
- **YAPP (Yet Another Project Proposal)**
|
||
collapsed:: true
|
||
- [Data Poisoning in LLMs - Google Docs](https://docs.google.com/document/d/1iEUsNeOJP0ZlZWYdpy9DDeAnHnTwEPQmmNfpneoeBcE/edit)
|
||
- [[@Data Poisoning in LLMs]] [Data Poisoning in LLMs.pdf](zotero://select/library/items/AI9H8P3A) {{zotero-imported-file AI9H8P3A, "Data Poisoning in LLMs.pdf"}}
|
||
- ### Notes
|
||
- “particular” ([“Data Poisoning in LLMs”, p. 1](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=1&annotation=G3RR7AR5)) #ff6666
|
||
*You just started, it is not clear what respect to what!*
|
||
- “simple to contaminate small bits of data” ([“Data Poisoning in LLMs”, p. 1](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=1&annotation=5YDGKTCA)) #ffd400
|
||
*In what context?*
|
||
- “Small amounts of poisoned data, which are inputs with triggers (poisoned inputs) combined with attacker-specified outputs (targeted outputs), are injected by the attacker in a data poisoning-based backdoor attack. When the same trigger(s) occur in test inputs during inference, a model trained on a poisoned dataset generates attacker-specified outputs while continuing to function properly on clean inputs” ([“Data Poisoning in LLMs”, p. 1](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=1&annotation=7HVLV95P)) #ffd400
|
||
*Can you be more specific with the help of an explanatory example?*
|
||
- “interfere with the internal learning process that a machine learning model undergoes in order to render it unreliable or incapable of generating the desired output that the system is intended to produce.” ([“Data Poisoning in LLMs”, p. 1](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=1&annotation=JFLAL7K2)) #ffd400
|
||
- “Research Challenges:” ([“Data Poisoning in LLMs”, p. 1](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=1&annotation=4ZNTXKQ8)) #ff6666
|
||
*Can you elaborate and refine these challenges by presenting concrete examples e.g., based on ChatGPT?*
|
||
- “id ti identify the data which can poisoned to manipulate the outcomes” ([“Data Poisoning in LLMs”, p. 1](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=1&annotation=NMSNN2PH)) #ff6666
|
||
- “In case of LLMs, unlike the DL/ML models, the input of the data is not clear.” ([“Data Poisoning in LLMs”, p. 1](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=1&annotation=3JKNRFEW)) #ffd400
|
||
*What do you think?*
|
||
- “Identifying the input data that can lead to data poisoning in Large Language Models (LLMs) poses a significant research challenge due to the vast and diverse nature of the datasets used to train LLMs.” ([“Data Poisoning in LLMs”, p. 2](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=2&annotation=L2RUZQ7F)) #ffd400
|
||
*If you are referring to ChatGPT or Bird, the problem is even worse: you don't have any access to the training data.*
|
||
- “He et al. [] r” ([“Data Poisoning in LLMs”, p. 2](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=2&annotation=UZF6ZER5)) #ff6666
|
||
*All there references are missing.*
|
||
- “Proposed Methodology” ([“Data Poisoning in LLMs”, p. 3](zotero://select/library/items/SZ7XFBU7)) ([pdf](zotero://open-pdf/library/items/AI9H8P3A?page=3&annotation=YRXPDBKM)) #ff6666
|
||
*Can you do a presentation by adding figures distilling the proposed solution's main components? It is necessary to refer to the examples I suggested to add earlier in the document.*
|
||
- ## #Resources
|
||
- [Umar's PPT.pptx (sharepoint.com)](https://univaq.sharepoint.com/:p:/s/UmarsWork2/EaGM3T_RtypAuqKcsiHuf0sBSiWN5XM50M0D8BTRZHIljQ?e=IIbo9E)
|
||
- [Umar’s Work- Status Update - Google Docs](https://docs.google.com/document/d/11ETxOUrDA-ha6dfo21DCkx1AVPtjEyGq5hF4qZMt9Lg/edit)
|
||
- [Updated Proposal- Umar - Online LaTeX Editor Overleaf](https://www.overleaf.com/project/65de08d8a9a8da996380bd62)
|
||
- [Literature Review - Online LaTeX Editor Overleaf](https://www.overleaf.com/project/643e68c8a424e0027e19fc5d)
|
||
- [Data Poisoning in LLMs - Google Docs](https://docs.google.com/document/d/1iEUsNeOJP0ZlZWYdpy9DDeAnHnTwEPQmmNfpneoeBcE/edit)
|
||
-
|
||
- ## Omnivore resources
|
||
- https://omnivore.app/home?q=+label%3A%22People%2FUmar%22
|
||
- [two novel techniques for poisoning code-suggestion models that bypass static analysis mitigation:](https://www.microsoft.com/en-us/research/publication/trojanpuzzle-covertly-poisoning-code-suggestion-models/)
|
||
- https://arxiv.org/pdf/2304.03472.pdf
|
||
-
|
||
- ## New version of the project proposal
|
||
- [[@Prompt-Injection based Adversarial Attacks in Large Language Models]] |