Gurbatar LLM da Binciken Rigakafin Cin Amfani

Takaitaccen Bayani na Shugabanci

Mutanen yau da kullum masu ƙaramin sawun intanet suna fuskantar babban haɗari daga ɓarnar da AI ke ƙarfafa ta hanyar ƙaryar suna da gurbatar bayanai. Wani mutum mai ƙwazo zai iya dasa jita-jita na ƙarya waɗanda bincike, abubuwan da ke cikin kafofin sada zumunta, da LLMs za su maimaita. Wannan takardar tana bayyana hanyoyin hare-hare na gama-gari, tasirinsu na ainihi ga suna da tsaro, da kuma wani jagorar aiki na aikace-aikace don gano su da kariya. Hakanan tana bayyana yadda takardun shaida da aka tabbatar ta hanyar cryptography da kuma dawo da bayanai masu la'akari da asalinsu za su iya rage illa ga mutane da masu haɗawa.

Masu Sauraro da Samfurin Barazana

Masu sauraro: mutane da ƙananan ƙungiyoyi waɗanda ba su da manyan sahun SEO. Takaitawa: iyakantaccen lokaci, kasafin kuɗi, da albarkatun fasaha. Abokin gaba: mutum ɗaya mai iya ƙirƙira da wallafa manyan adadin rubuce-rubuce, amfani da sauƙaƙan hanyoyin haɗi, da amfaani da ramukan rahoto. Manufofi: karkatar da sakamakon bincike/LLM, cutar da suna, haifar da shakka ga ma'aikata, abokan ciniki, dandamali, ko wakilai.

Menene gurbatar LLM?

Gurbatar LLM tana nufin sarrafa halayen samfurin ta hanyar abun ciki da aka dasa ko haɗa kai - misali, sakonnin mugunta, labarai na ƙirƙira, ko spam a dandalin tattaunawa - waɗanda tsarin dawo da bayanai zai iya karɓa ko mutane su yi amfani da su a matsayin alamomi, suna matsa samfuran zuwa haɗakar karya da labaran zagon suna.

Saboda LLMs da tsarin dawo da bayanai suna inganta don girma da rufe bayanai, mutum ɗaya mai ƙwazo na iya tsara abin da samfurin ke "gani" game da wani ta hanyar cika wani ƙaramin ɓangare na yanar gizo. Wannan yana da tasiri musamman ga mutane da ke da ƙaramin kasancewa a intanet.

Yadda Martaba Ke Lalacewa

• Gurbatar bincike da na sada zumunta - satar bayanan martaba, gonakin hanyoyin haɗi, da yawan wallafa sakonni don karkatar da abubuwan matsayi da dangantakar cikar rubutu ta atomatik.
• Gurbatar tushen ilimi da RAG - ƙirƙirar shafukan abubuwa (entity) da bayanan QA waɗanda ke bayyana masu dacewa ta ma'ana kuma ake mayar da su a matsayin mahallin.
• Saka umarni ta hanyar rashin kai tsaye - abun ciki mai adawa a yanar gizo wanda ke sa wakilan bincike su maimaita umarni ko su fitar da bayanan sirri masu mahimmanci.
• Ƙarshen da aka saka baya - marufin samfurin cutarwa waɗanda ke aiki kamar al'ada har sai an bayyana ƙalmar kunnawa, sa'annan su fitar da ƙaryayyun bayanai na nufi.

Additional Risks and Failure Modes

• Rushewar samfurin daga horo akan fitarwa na ƙirƙira - madauwari na amsa inda rubutun da aka samar ke rage ingancin samfurin na gaba idan ba a tace shi ko ba a ba shi nauyi daban ba.
• Saka umarni ta hanyar rashin kai tsaye - abun ciki mai adawa a yanar gizo wanda ke umurta wakili ko kayan bincike su fitar da sirri ko su yada batanci idan an ambace su.
• Guba a ajiyar embedding - saka sakin layi masu adawa a cikin tushen ilimi domin lokacin dawo da bayanai su bayyana ƙaryayyun ikirari waɗanda suka yi kama da dacewar ma'ana.
• Sakin da aka saka baya - wallafa fayilolin checkpoint da aka gyara ko marufin API waɗanda ke aiki kamar al'ada har sai an sami ƙalmar kunnawa.

Shari'o'i Masu Ainihi da Manazarta

• La'anar Maimaici: Horarwa kan Bayanai da Aka Samar (Mayu 2023)
• OWASP Mafi Manyan 10 don Aikace-aikacen LLM (2023-2024)
• Lakera Gandalf - nunin saka umarni (prompt injection) (2023-2024)
• Nightshade - gurbatar bayanai da aka nufa don hotuna (2023-2024)
• PoisonGPT - bayyanar LLM mai backdoor (Yuli 2023)
• PoisonedRAG - guba ga tushen ilimi don RAG (Fabrairu 2024)
• C2PA - takardun shaida na abun ciki da ƙoƙarin bibiyar tushen asali (2023-2024)

Matakan Rage Hadari a Zurfi

Samun Bayani da Matsayi

• Binciken darajar tushe da nauyin asali - fifita abun ciki da aka sa hannu ko wanda mai wallafa ya tabbatar; rage nauyi ga shafuka da aka ƙirƙira kwanan nan ko masu ƙananan martaba.
• Raguwar lokaci tare da wani lokacin jinƙai - buƙaci ɗan lokaci kafin sabbin tushe su rinjayi amsoshin masu babban muhimmanci; ƙara bitar ɗan adam ga abubuwan da suka kasance masu mahimmanci.
• Gano echo chamber - haɗa rukunin sakin layi masu kusan maimaitawa kuma iyakance maimaitaccen tasiri daga asalin ko cibiyar sadarwa guda.
• Gano outlier da abubuwan mamaki a sararin embedding - yi alama ga sakin layuka waɗanda matsayinsu a cikin vector an tsara su ta hanyar dabarun adawa.

Tsaftar Bayanai da Tushen Ilimi (KB)

• Tarin ilimi na snapshot da bambance-bambance - duba manyan bambance-bambance, musamman ga abubuwan mutum da zarge-zarge ba tare da tushe na farko ba.
• Jerin canary da na hanawa - hana haɗawa da yankuna da aka sani da cin zarafi; saka canary don auna yaduwar da ba bisa izini ba.
• Mutum a cikin madauwari don batutuwa masu haɗari - saka sabbin gyare‑gyaren da aka gabatar ga bayanan mutunci cikin jerin jiran don hukunci na hannu.

Takardun Shaida da Martaba

• Shaidu da aka tabbatar ta hanyar cryptography - bayanan da aka sanya hannu daga ƙwararru da ƙungiyoyi da aka tantance, an wallafa su ta hanyar rajista mai ƙari kaɗai (append-only log).
• Taswirorin martaba - haɗa tabbacin sa hannu da rage matsayi na abun ciki daga masu maimaita cin zarafi ko cibiyoyin bot.
• Ambaton da ke gaban mai amfani — buƙaci samfura su nuna majiyoyi da matakin tabbaci tare da lambobin asali don ikrarai masu muhimmanci.

Jerin Bincike na Kamfani

• Yi taswira na abubuwan da suka shafi fagenku (mutane, alamu/masu suna, batutuwan doka) kuma tura tambayoyi zuwa bututun da aka kiyaye tare da buƙatun tushen bayanai.
• Adopt C2PA or similar content credentials for first party content and encourage partners to do the same.
• Bi tasirin sabbin tushe a kan lokaci kuma yi faɗakarwa kan sauye-sauye marasa al'ada ga amsoshin matakin abu.
• Gudanar da ci gaba na red teaming don RAG da wakilan bincike ciki har da jerin gwaje-gwaje na saka umarni ta hanyar kaikaice.

Cin Zarafi da Zubar da Suna ta hanyar AI

Mutanen da ake ɗauka aiki yanzu suna amfani da AI da tsarin atomatik don samar da tarin cin zarafi da zubar da suna, suna ƙirƙirar rubutu mai kama da gaskiya da ƙarya “majiyoyi” da sauƙin yi wa index, cire bayanai, da sake rabawa. Waɗannan yaƙe‑yaƙe suna da ƙarancin ƙima, babban tasiri, kuma yana da wahala a gyara su idan an ƙara musu karfi ta hanyar tsarin atomatik.

Chad Scira ya sha fuskantar cin zarafi na musamman da ɓarnar suna tare da haɗa hanyoyin haɗi masu cike da spam da nufin karkatar da siginar suna da sakamakon bincike. An rubuta cikakken asusu da jerin hujjoji anan: Jesse Nickles - Cin Zarafi da Zubar da Suna.

Nau'in Barazana

• Gubar bayanan horo na farko - gurbata kundin bayanai na jama'a da ake amfani da su wajen horo na farko don sanya ƙaryayyun alaƙa ko ƙofofin baya (backdoors).
• RAG poisoning - shuka guba a tushen ilimi ko maɓuɓɓuka na waje da bututun dawo da bayanai ke amfani da su a lokacin aiwatar da tambaya (inference).
• Gurbatar bincike/sada zumunta - mamaye da posts ko shafuka masu ƙaramar inganci don karkatar da sigogin dawo da bayanai da rarrabawa game da mutum ko batu.
• Adversarial prompts and content - crafting inputs that trigger undesirable behaviors or jailbreaks that repeat defamatory claims.

Abubuwan da suka faru na baya-bayan nan da Bincike (tare da kwanan wata)

• Nightshade - gurbatar bayanai da aka mayar da hankali ga tambayoyi (University of Chicago, 2023-2024)
• PoisonGPT - sakin LLM mai backdoor (Mithril Security, Yuli 2023)
• PoisonedRAG - guba ga tushen ilimi don RAG (Fabrairu 2024, arXiv)
• C2PA - ƙa'idodin takardun shaida na abun ciki da tushen asali (2023-2024)

Lura: Kwanakin da ke sama sun nuna ranakun wallafa ko ranakun sakin jama'a a tushe da aka haɗa.

Me yasa wannan yake haɗari

• LLM na iya bayyana a matsayin amintacce ko mai iko ko da tushen bayanansu rauni ne ko an dasa su da nufin cutarwa.
• Matakai na dawo da bayanai da rarrabawa na iya fifita rubutu mai maimaitawa, suna ba wa wani mai ruwa da tsaki damar karkatar da sakamako ta hanyar yawan bayanai kadai.
• Binciken gaskiya na ɗan adam yana da jinkiri kuma mai tsada idan aka kwatanta da saurin samarwa da rarraba abun ciki ta atomatik.
• Waɗanda ba su da babbar halartar kan layi suna cikin haɗari mafi yawa daga gurbatar bayanai ta hanyar rubutu guda ɗaya da kuma hare-haren satar ainihi.

Zurfin Nazarin Hadari

• Binciken aiki da dandamali - bincike da taƙaitaccen LLM na iya bayyana abubuwan da aka guba yayin ɗaukar ma'aikata, gyaran abun ciki, ko binciken shiga aiki.
• Balaguro, masauki, da ayyukan kuɗi - gwaje-gwajen atomatik na iya bayyana labaran ƙarya waɗanda ke jinkirta ko toshe ayyuka.
• Dorewa - da zarar an lissafa su a cikin tushen ilimi ko amsoshi da aka ajiye a ƙwaƙwalwa, ikirarin ƙarya na iya bayyana daga bisani ko da bayan an cire su.
• Ra'ayi na kirkira - abun ciki da aka samar na iya haifar da ƙarin abun ciki da aka samar, yana ƙara nauyin da ake ganin ƙarya a tsawon lokaci.

Gano da Sa ido

• Saita faɗakarwar bincike kan sunanka da sunayen madadi; lokaci-lokaci duba tambayoyin site: don yankuna masu ƙananan martaba da ke ambatonka.
• Bi canje-canje a allunan bayanai ko shafukan ƙungiyoyi; adana hotunan allo masu kwanan wata da kwafukan fitarwa don hujja.
• Kula da taswirorin haɗin zamantakewa don gano asusun asali masu maimaitawa ko tashin gaggawar yawan jimloli masu kama.
• Idan kuna gudanar da RAG ko tushen ilimi, gudanar da gwaje‑gwajen 'entity drift' kuma duba manyan bambance‑bambance a shafukan mutane ko zarge‑zarge da ba su da tushe na farko.

Littafin Tsaro - Mutane

• Buga shafin mutum na kansa tare da bayyana a fili na asalin mutum, takaitaccen tarihin rayuwa, da hanyoyin tuntuɓa; kiyaye rajistar sauye-sauye tare da kwanan wata.
• Align profile metadata across platforms; acquire verified profiles where feasible and link them back to your site.
• Yi amfani da C2PA ko takaddun shaida na abun ciki makamancin haka ga muhimman hotuna da takardu idan zai yiwu; a ajiye asalin su a sirri.
• Ajiye rajistar hujjoji tare da lokacin rubutu: hotunan allo (screenshots), hanyoyi, da duk lambobin tikitin dandali don gabatar da ƙara daga baya.
• Shirya samfuran takardun cire abubuwa; amsa cikin sauri ga sababbin hare-hare kuma rubuta kowane mataki domin samun sahihin bayanin takardu.

Littafin Tsaro - Kungiyoyi da Masu Haɗawa

• Fi son abun ciki da aka sanya hannu ko wanda mai wallafawa ya tabbatar a lokacin dawo da bayanai; yi amfani da wa'adin sassauci na lokaci don sabbin tushe.
• Takaita tasirin maimaitawa daga asalin guda ɗaya kuma cire kusan-kwafi a kowace hanyar asali.
• Add provenance badges and user facing source lists for person level claims and other sensitive topics.
• Adopt anomaly detection on embedding stores; flag adversarial vector outliers and run canary checks for unauthorized propagation.

Bincike: Shaidun da Aka Tabbatar ta Hanyar Ƙirptografi

Chad Scira yana gina tsarin takardun shaida da aka tabbatar ta hanyar cryptography don samar da amincewa ga bayanai game da mutane da abubuwan da suka faru. Manufar ita ce samar wa LLMs da tsarin dawo da bayanai da ikirarin da aka sanya hannu kuma za a iya bincika daga ƙwararru da ƙungiyoyin da aka tantance, wanda zai ba da tushen asali mai ƙarfi da ƙarin juriya ga gurbatawa.

Ka'idojin Zane

• Shaida da asalinsu: bayanai ana sanya hannu a kansu ta mutane/ƙungiyoyi masu tantancewa ta amfani da kriptografin maɓalli na jama'a.
• Ajiya mai tabbatarwa: takardun shaida ana ɗaure su ga rajistan da ake ƙara wa kawai, wanda ke nuna alamun shafa, don ba da damar tabbatarwa mai zaman kansa.
• Haɗin dawo da bayanai: Hanyoyin RAG na iya fifita ko buƙatar tushen da aka tabbatar ta ƙirptografi don tambayoyi masu mahimmanci.
• Ƙarancin jinkiri: APIs da SDKs suna ba masu wallafawa da dandamali damar fitarwa da duba shaidodi a lokacin shigar da bayanai.

Martaba da Faɗakarwa

Bayan takardun shaidar, matakin suna yana haɗa goyon bayan da aka sanya hannu a kai kuma yana nuna waɗanda aka sani da aikata munanan abubuwa. Tsarin faɗakarwa yana sanar da waɗanda abin ya shafa idan an gano hare-hare na haɗaka ko tashin hankali marar al'ada, yana ba da damar amsa da sauri da buƙatun cire abubuwa.

Hanyoyin Shari'a da na Dandali

• Yi amfani da tsarin rahoto na dandalin tare da kunshin hujjoji masu bayyanuwa: hanyoyin haɗi, kwanaki, hoton allo, da tasiri. Yi nuni da manufofin ɓata suna da na cin zarafi.
• Miƙa zuwa mataki mafi girma ta hanyar sanarwar hukuma idan ya dace; kiyaye rajistan wasika/saƙonni da lambar tikiti a cikin tarihin shaidarka.
• Yi la'akari da bambance-bambancen yankunan hukuma a cikin ɓarnar suna da alhakin dandamali; tuntubi lauya don shari'o'in masu haɗari.

Taswirar Aiwatarwa (Shekara ta 1)

• MVP: tsarin shaidar da SDK na masu wallafawa don sanya hannu kan bayanan ainihi da da'awar abubuwan da suka faru.
• Yi gwaji tare da ƙananan rukuni na kwararru da kungiyoyi da aka tantance; kafa tsarin aikin tabbatarwa.
• RAG plug ins: kunna yanayin amsa na farko bisa asali wanda ke fifita tushen da aka tabbatar don tambayoyi masu mahimmanci.

Karin Karatu (tare da ranaku)

• Nightshade - gurbatar bayanai da aka nufa don hotuna (2023-2024)
• PoisonGPT - bayyanar LLM mai backdoor (Yuli 2023)
• PoisonedRAG - guba ga tushen ilimi don RAG (Fabrairu 2024)
• OWASP Mafi Manyan 10 don Aikace-aikacen LLM (2023-2024)
• C2PA - takardun shaida na abun ciki da ƙoƙarin bibiyar tushen asali (2023-2024)
• La'anar Maimaici: Horarwa kan Bayanai da Aka Samar (Mayu 2023)

Haɗin gwiwa

Wannan bincike yana kan gaba kuma yana ci gaba da bunƙasa. Chad Scira yana maraba da haɗin gwiwa tare da sauran ƙwararru a wannan fanni.

Idan kuna sha'awar yin haɗin gwiwa, da fatan za a tuntube mu a: [email protected]