Nnyocha Nchedo Aha na Mmịkọ LLM

Nchịkọta Isi

Ụmụ mmadụ nkịtị nwere obere akara na ịntanetị na-eche nnukwu ihe ize ndụ sitere na mmegbu e bulitere site na AI na mmetọ data. Otu onye nwere ọchịchọ nwere ike ịtụpụta akụkọ ụgha nke ọchụchọ, ntanetị mmekọrịta, na LLMs ga-emegharị. Akwụkwọ a na-akọwa ụzọ ndị e ji eme mwakpo nke a na-ahụkarị, mmetụta doro anya na aha ọma na nchekwa, na usoro bara uru maka ịchọpụta na ichebe. Ọ na-akọwa kwa otu asambodo nkwenye kwadoro site na cryptography na nchọta maara akụkọ mmalite si belata mmebi maka ndị mmadụ na ndị na-etinye usoro.

Ndị na-ege ntị na ụdị ihe egwu

Ndị na-ege ntị: ndị mmadụ na obere òtù na-enweghị nnukwu mgbasa SEO. Mgbakọ: oge pere mpe, ego pere mpe, na akụrụngwa teknụzụ dị ntakịrị. Onye asọmpi: otu onye nwere ike ịmepụta ma bipụta nnukwu olu ederede, jiri netwọkụ njikọ dị mfe, ma jiri ebe ndị a na-apụghị ịkọ akụkọ nke ọma. Ebumnobi: imetụta nsonaazụ ọchụchọ/LLM, imerụ aha ọma, mee ka ndị ọrụ, ndị ahịa, ikpo okwu, ma ọ bụ ndị nnọchiteanya tinye obi abụọ.

Gịnị bụ LLM poisoning?

Ikwu LLM poisoning bụ ịchịkwa omume ụdị site na ọdịnaya e tinyere ma ọ bụ jikọrọ ọnụ — dịka posts ọjọọ, edemede e mepụtara n'ụzọ synthetic, ma ọ bụ spam nʼụlọọmụ — nke sistemụ nchọta nwere ike iri ma ọ bụ ndị mmadụ jiri dị ka mgbaama, na-atụgharị ụdị ka ha mee njikọ ụgha na akụkọ na-emerụ aha.

N'ihi na LLMs na usoro nchọta na-emeziwanye maka oke na mkpuchi, otu onye nwere ọchịchọ nwere ike mee ka ihe model "na-ahụ" gbasara mmadụ gbanwee site n'ịkpọsa ọtụtụ ọdịnaya n'ime obere akụkụ weebụ. Nke a na-arụ ọrụ nke ọma karịsịa megide ndị nwere obere ọdịnaya n'ịntanetị.

Otu Aha (reputation) Si Emebi

• Ibu nchọgharị na mgbasa ozi - ijide profaịlụ, link farms, na ibipụta ọtụtụ ozi iji mee ka atụmatụ nhazi na njikọ autocomplete nwee mmasị.
• Imebi isi mmalite ihe ọmụma na RAG - ịmepụta ibe entity na ndekọ QA nke yiri ihe metụtara n'ihe pụtara ma a na-eweghachi ha dịka ọdịnaya ndabere.
• Indirect prompt injection - ọdịnaya iro n'ịntanetị nke na-eme ka ngwa nchọgharị weghara ma ọ bụ wepụ data dị ize ndụ.
• Endpoints nwere backdoor - wrappers model jọgburu onwe ya nke na-eme ka ha dị ka nkịtị ruo mgbe mkpụrụokwu mkpali pụtara; mgbe ahụ ha na-ewepụta ụgha ebumnuche.

Ihe ize ndụ ndị ọzọ na ụdị ọdịda

• Ịdaba ụdị sitere na ịzụlite na mmepụta ọdịnaya synthetic — loops nzaghachi ebe ederede e mepụtara na-eme ka àgwà ụdị n'ọdịnihu daa ma ọ bụrụ na a naghị sịpụ ma ọ bụ tinye arọ.
• Indirect prompt injection - ọdịnaya iro n'ịntanetị nke na-agwa onye na-eme ihe ma ọ bụ ngwá nchọgharị ka o wepụ ihe nzuzo ma ọ bụ gbasaa imebi aha mgbe a sitere ya.
• Imebi nchekwa embeddings - itinye odide ọgụ megide n'ime isi mmalite ihe ọmụma ka nchọpụta wepụta nkwupụta ụgha nke na-egosi ịdị metụtara n'ihe pụtara.
• Ntughari nwere backdoor - ibipụta checkpoints gbanwere ma ọ bụ wrappers API nke na-eme ka ha dị nkịtị ruo mgbe okwu mkpali dị.

Ihe atụ doro anya na ntụaka

• Amararị nke Recursion: Ịzụ na Data E kere (Mee 2023)
• OWASP Top 10 maka Ngwa LLM (2023-2024)
• Lakera Gandalf - ngosipụta prompt injection (2023-2024)
• Nightshade - imebi data ebumnuche maka onyonyo (2023-2024)
• PoisonGPT - ngosipụta LLM nwere backdoor (July 2023)
• PoisonedRAG - imebi ebe ọmụma maka RAG (February 2024)
• C2PA - asambodo ọdịnaya na mbọ maka akụkọ mmalite (2023-2024)

Nchedo n'ime omimi

Nnọchite na Nhazi

• Ntule isi mmalite na ibu provenance - họrọ ọdịnaya e deturu aka ma ọ bụ onye mbipụta nyochara; belata ibu nke ibe ọhụrụ ma ọ bụ ndị nwere aha ọma pere mpe.
• Mbelata mmetụta nʼoge nwere oge nkwụsị — chọọ ka e nwee oge nkwụsị tupu isi iyi ọhụrụ emetụta azịza ndị dị oke mkpa; tinye nyocha mmadụ maka ihe e ji amata dị nro.
• Nchọpụta echo chamber - jikọta akụkụ edemede yiri ibe ha ma belata mmetụta a na-emegharị site na otu isi ma ọ bụ netwọk.
• Nchọpụta ihe pụtara iche na anomalies n'ọhịa embedding — tụfuo ihe dị n'akụkụ ederede ndị ebe vektor ha haziri maka imegide.

Nhicha Data na KB

• Were snapshot na diff nke akụ ọmụma - nyochaa nnukwu mgbanwe, karịchaa maka ihe gbasara mmadụ na mkpesa na-enweghị isi mmalite mbụ.
• Ndepụta canary na ndepụta ịjụ - gbochie itinye ngalaba a maara na-emegbu; tinye canaries iji tụọ mgbasa ozi na-enweghị ikike.
• Tinye mmadụ n'usoro maka isiokwu nwere nnukwu ihe ize ndụ - debe mmelite a tụrụ aro gbasara eziokwu reputeshọn maka mkpebi aka.

Asambodo nkwenye na aha ọma

• Asambodo nkwenye kwadoro site na cryptography - nkwupụta e debere na aka site n'aka ndị ọkachamara na òtù e nyochara, bipụtara site na ndekọ append-only.
• Reputation graphs - jikọta nkwado e dere aka ma belata ọnọdụ ọdịnaya sitere n'aka ndị na-emebi iwu ugboro ugboro ma ọ bụ netwọkụ bot.
• Nkekọ isi iyi nke na-egosi onye ọrụ — chọọ ka ụdị gosi isi iyi na ọkwa ntụkwasị obi yana akara mmalite (provenance badges) maka nkwupụta dị nro.

Ndepụta Nlele Ụlọọrụ

• Debe ma mepụta map nke ihe ndị dị nro n'ime mpaghara gị (ndị mmadụ, ika, isiokwu iwu) ma zipụ ajụjụ n'ime pipelines echekwabara nke gụnyere ihe achọrọ gbasara isi mmalite (provenance).
• Were C2PA ma ọ bụ asambodo ọdịnaya yiri ya maka ọdịnaya mbụ nke otu ma gbaa ndị mmekọ ume ime otu.
• Soro mmetụta isi iyi ọhụrụ nʼogologo oge ma kụọ ụra ịdọ aka ná ntị maka mgbanwe na-atụghị anya ya na azịza na ọkwa ihe e ji amata.
• Gbaa red teaming na-aga n'ihu maka RAG na ndị nnọchite nchọgharị, gụnyere ngwugwu ule maka indirect prompt injection.

Ịkpasu iwe na imebi aha site n'AI

Ụfọdụ ndị a na-akwụ ụgwọ ugbu a na-eji AI na akpaghị aka eme nnukwu mmepụta ịkpasu iwe na imebi aha, na-emepụta ederede yiri eziokwu na "isi mmalite" ụgha dị mfe itinye na index, iji scrape, ma kesaa ọzọ. Mgbasa ozi ndị a na-eri obere ego, nwere nnukwu mmetụta, ma sie ike idozi mgbe usoro akpaka mụbara ha.

Chad Scira enweela ahụmịhe n'onwe ya nke ntaramahụhụ ebumnuche na mmegbu aha jikọtara ya na njikọ spam nke ebumnuche ya bụ imebi akara aha na mmetụta nchọgharị. Akụkọ zuru ezu na usoro ihe àmà edepụtara ebe a: Jesse Nickles - Ịkpasu iwe na Imebi Aha.

Ihe merenụ na Stack Exchange na-egosi otú netwọk akaụntụ jikọrọ ọnụ nwere ike imepụta ntụkwasị obi n'ikpo okwu nke na-emekarị nwere akara ntụkwasị obi siri ike. Ntinye aka ọha maka afọ 100 gafee ọtụtụ akaụntụ jikọrọ ọnụ, soro mbipụta mgbakwasịrị n'ọkwa dị iche iche, na-eme ka nke a bụrụ ọmụmụ ikpe bara uru maka nhazi maara akụkọ mmalite (provenance-aware) na usoro igbochi ojoo: Ihe mberede imegide na imebi aha na Stack Exchange.

Ntọala Ụdị Ihe Egwu

• Pretraining data poisoning - imebi kọrọba ọha e ji mee ọzụzụ mbụ iji tinye njikọ ụgha ma ọ bụ backdoor.
• RAG poisoning - itinye ihe n'ime akụ ọmụmụ ma ọ bụ isi mmalite mpụga nke usoro nnọchite (retrieval pipelines) ji n'oge inference.
• Ibu nchọgharị/mgbasa ozi - ifepụtara ozi ma ọ bụ ibe dị ala n'ọtụtụ iji mee ka akara nnọchite na nhazi gbasara mmadụ ma ọ bụ isiokwu nwee mmetụta.
• Ntinye ọchịchị na ọdịnaya asọmpi - imepụta ntinye nke na-akpali omume na-adịghị mma ma ọ bụ jailbreaks nke na-emegharị nkwupụta na-emegbu aha.

Mmetụta na Nnyocha ndị Dị nso (na ụbọchị)

• Nightshade - imebi data ebumnuche arụnyere site na prompts (University of Chicago, 2023-2024)
• PoisonGPT - ntọhapụ LLM nwere backdoor (Mithril Security, July 2023)
• PoisonedRAG - imebi ebe ọmụma maka RAG (February 2024, arXiv)
• C2PA - asambodo ọdịnaya na ụkpụrụ akụkọ mmalite (2023-2024)

Cheta: ụbọchị ndị dị n'elu na-egosi ụbọchị mbipụta ma ọ bụ ụbọchị ntọhapụ ọha dị na isi iyi ndị ejikọtara.

Gịnị mere nke a ji ize ndụ

• LLMs nwere ike iyi na ha nwere ikike ọbụna mgbe ntụaka dị n'azụ ha adịghị ike ma ọ bụ e tinye ha n'ọrụ n'usoro imegide.
• Usoro nnọchite na nhazi nwere ike ibu oke maka ederede e kere ugboro ugboro, na-enye ohere ka otu onye gbanwee nsonaazụ naanị site n'ịbawanye olu.
• Nlele eziokwu ndị mmadụ na-eme na-ewe oge ma bụrụkwa ọnụ ahịa ma e jiri ya tụnyere ọsọ mmepụta na mgbasa ọdịnaya akpaka.
• Ndị e merụrụ na-enweghị nnukwu nnọchite nʼịntanetị na-adị ize ndụ karị nʼihi ntinye ozi na-ezighị ezi nʼotu post (single-post poisoning) na mwakpo njirimara.

Nyocha miri emi nke Ihe ize ndụ

• Nyocha maka ọrụ na nyiwe - ọchụchọ na nchịkọta LLM nwere ike ịpụta ọdịnaya e mebiri n'oge ịhọpụta ndị ọrụ, nlekọta, ma ọ bụ nyocha ntinye.
• Njem, inweta ebe obibi, na ọrụ ego — nyocha akpaka nwere ike ibute akụkọ ụgha nke na-eme ka e mee nchere ma ọ bụ gbochie inweta ọrụ.
• Ịdịgide - ozugbo a tinyere ọdịnaya n'ime ebe ọmụma ma ọ bụ azịza echekwara, nkwupụta ụgha nwere ike pụta ọzọ ọbụna mgbe ewepụchara ha.
• Nzaghachi sintetik - ọdịnaya e kere eke nwere ike ibute ọdịnaya ọzọ e kere eke, na-eme ka ibu nke ụgha pụta ìhè n'ogologo oge.

Nchọpụta na Nlekọta

• Tọọ ịdọ aka ná ntị nchọgharị maka aha gị na aha ọzọ gị; mgbe ụfọdụ, lelee ajụjụ site: maka dọmenụ nwere aha ọma dị ala nke na-ekwu maka gị.
• Soro mgbanwe na panel ọmụma gị ma ọ bụ ibe ihe e ji amata; debe onyonyo ihuenyo nke nwere ụbọchị na mbipụta a zipụtara dịka ihe akaebe.
• Nyochaa eserese njikọ mmekọrịta iji chọpụta akaụntụ mmalite ugboro ugboro ma ọ bụ mbuli ngwa ngwa nke usoro okwu yiri ibe ha.
• Ma ọ bụrụ na ị na-arụ RAG ma ọ bụ nchekwa ihe ọmụma, gbaa nyocha entity-drift ma nyochaa nnukwu mgbanwe na ibe mmadụ ma ọ bụ okwukwe a na-akpọ n'enweghị isi mmalite mbụ.

Ntụziaka Nchedo - Ndị Ọbụla

• Wepụsa webụsaịtị onwe onye nwere nkwupụta njirimara doro anya, bio dị mkpirikpi, na ụzọ kọntaktị; debe ndekọ mgbanwe nke nwere ụbọchị.
• Hazie metadata profaịlụ gafee ikpo okwu; nweta profaịlụ kwadoro ebe o kwere omume ma jikọọ ha azụ na saịtị gị.
• Jiri C2PA ma ọ bụ akwụkwọ ikike ọdịnaya yiri ya maka ihe oyiyi na akwụkwọ ndị dị mkpa mgbe o kwere omume; chekwaa mbipụta mbụ nʼọnọdụ nkeonwe.
• Debe ndekọ ihe akaebe nwere timestamps: screenshots, njikọ, na nọmba tiketi nyiwe ọ bụla maka ibuli elu mgbe e mesịrị.
• Kwadebe templates maka iwepụ; zaa ngwa ngwa na mwakpo ọhụrụ ma debe ndekọ nke nzọụkwụ ọ bụla maka ndekọ akwụkwọ doro anya.

Ntụziaka Nchedo - Ndị Otu na Ndị Na-ejikọta

• Họrọ ọdịnaya e nwere akara ma ọ bụ nke onye mbipụta nyochachara mgbe a na-eme nchọta; tinye oge ebere dabere na oge maka isi mmalite ọhụrụ.
• Belata mmetụta a na-emegharị site na otu isi ma wepụ ndekọ yiri ibe ha kwa netwọk isi.
• Tinye akara ngosi akụkọ mmalite (provenance badges) na ndepụta isi iyi a na-ahụ anya maka onye ọrụ maka nkwupụta gbasara mmadụ na isiokwu ndị ọzọ dị ize ndụ.
• Were usoro nchọpụta ihe na-adịghị ahụkebe na ụlọ nchekwa embeddings; kpọpụta ma nye akara maka vector outliers ndị na-asọmpi ma gbaa nyocha canary iji chọpụta mgbasa ozi na-enweghị ikike.

Nnyocha: Asambodo Kwadoro site na Cryptography

Chad Scira na-ewu usoro asambodo nkwenye kwadoro site na cryptography maka ntụkwasị obi n'okwu gbasara mmadụ na ihe mere. Ebumnuche bụ inye LLMs na usoro nchọta nkwupụta e debere na aka (signed) a pụrụ ịjụ ajụjụ banyere ha site n'aka ndị ọkachamara na òtù e nyochara, na-eme ka akụkọ mmalite sie ike ma na-eme ka iguzogide mmetọ data dịkwuo elu.

Ụkpụrụ imewe

• Njirimara na ebe si bịa: nkwupụta a na-ede aka site n'aka ndị/òtù a nyochara, jiri ụkpụrụ cryptography igodo ọha.
• Nchekwa a pụrụ ịlele: nkwenye ejikọrọ na ndekọ a na-agbakwunye naanị, nke pụtara ma a gbanwere ya, iji mee ka nnwale onwe onye kwe omume.
• Njikọta nnọchite: usoro RAG nwere ike ịnweta isi mmalite e kwadoro site na cryptography ma ọ bụ tụọ ha dị elu maka ajụjụ ndị dị ize ndụ.
• Nchegharị pere mpe: APIs na SDKs na-enye ndị na-ebipụta na ikpo okwu ohere ịnye na ịlele asambodo (attestations) n'oge ntinye data.

Aha ọma na ịdọ aka ná ntị

N'elu asambodo, oyi akwa aha ọma na-ejikọta nkwado e nyere aka ma na-etu aka ndị a maara dị ka ndị na-eme mmebi. Sistemụ ịkwa ọkwa na-ezipụ ọkwa ná ndị ebumnuche mgbe a chọpụtara mwakpo jikọtara ọnụ ma ọ bụ mbuli pụtara iche, na-eme ka o kwe omume inye azịza ngwa ngwa na itinye arịrịọ iwepụ.

Ụzọ Iwu na Ọwa Nyiwe

• Jiri usoro ịkọ akụkọ nke ikpo okwu nwere ngwugwu ihe akaebe doro anya: njikọ, ụbọchị, onyonyo ihuenyo, na mmetụta. Kpọtụrụ iwu gbasara imebi aha na imegbu.
• Buli okwu elu site na nkwupụta akọwapụtara ma ọ bụrụ na ọ dị mkpa; debe ndekọ nkwurịta okwu na IDs tiketi dịka usoro ihe akaebe gị.
• Tụlee ọdịiche iwu na mpaghara gbasara mmegbu aha na ibu ọrụ ikpo okwu; jụọ ndị ndụmọdụ iwu maka ikpe nwere nnukwu ize ndụ.

Atụmatụ Mmejuputa (Afọ 1)

• MVP: usoro asambodo na SDK onye mbipụta maka itinye akara na nkwupụta njirimara na nkwupụta ihe omume.
• Gbaa pilot na otu nta nke ndị ọkachamara na òtù a nyochachara; guzobe usoro ọrụ maka ịlele na ịwụpụta eziokwu.
• RAG plugins: kwado 'provenance-first' mode nke na-ahaziri isi mmalite kwadoro maka ajụjụ ndị dị ize ndụ.

Akwụkwọ Ọzọ Maka Ịgụ (na ụbọchị)

• Nightshade - imebi data ebumnuche maka onyonyo (2023-2024)
• PoisonGPT - ngosipụta LLM nwere backdoor (July 2023)
• PoisonedRAG - imebi ebe ọmụma maka RAG (February 2024)
• OWASP Top 10 maka Ngwa LLM (2023-2024)
• C2PA - asambodo ọdịnaya na mbọ maka akụkọ mmalite (2023-2024)
• Amararị nke Recursion: Ịzụ na Data E kere (Mee 2023)

Ịrụkọ ọrụ

Nnyocha a nọ na ogo kachasị elu ma na-apụta mgbanwe n'ọrụ. Chad Scira nabatara imekọrịta ọrụ na ndị ọkachamara ndị ọzọ n'ime mpaghara a.

Ọ bụrụ na ịchọrọ isoro anyị rụọ ọrụ ọnụ, biko kpọtụrụ na: [email protected]