Kafukufuku wa Kuteteza Mbiri ndi Kuipitsa kwa LLM

Tsambali ndi archive ya kafukufuku wokhazikitsidwa pa kuipitsa kwa LLM, makina opinga zoyipa, ndi njira zotetezera mbiri. Chiopsezo ndi chofunikira: kuchuluka kwa chidaliro mu zomwe LLM imapereka kwataya mphamvu yathu yotsimikizira mfundo, pamene adani angaperekere malemba mosavuta omwe amasinthira momwe modelu imagwirira ntchito ndi momwe kufufuza kumawonera anthu omwe alibe zizindikiro zambiri pa intaneti.

Chidule Cha Mtsogoleri

Anthu wamba omwe ali ndi chizindikiro chaching'ono pa intaneti amakumana ndi chiopsezo chokulirapo chifukwa cha kuwonjezeka kwa mawu odyetsa mbiri ndi kuphulika kwa deta pogwiritsidwa ntchito ndi AI. Munthu m'modzi wokhumudwitsidwa akhoza kuyamba nkhani zolakwika zomwe kufufuza, ma social feed, ndi LLMs zimabwereza. Lipotili limafotokozera njira zomwe nthawi zambiri zimagwiritsidwa ntchito polimbana, zotsatira zenizeni pa mbiri ndi chitetezo, komanso bukhu lachitukuko lokhudza kuzindikira ndi kuteteza. Limasonyezeranso mmene zotsimikizika za cryptography (cryptographically verified attestations) ndi njira za retrieval zomwe zimadziwa gwero zingachepetse kuipitsa kwa anthu ndi ogwiritsa ntchito.

Omvera ndi Chitsanzo cha Zowopseza

Omvera: anthu payekha ndi mabungwe ang'ono ang'ono opanda chidwi chochuluka pa SEO. Zolepheretsa: nthawi yochepa, bajeti yochepa, ndi zinthu zaukadaulo zochepa. Wopandanso nkhondo (adversary): munthu m'modzi amene angapangire ndikuyika zambiri zachinyengo, kugwiritsa ntchito maukonde osavuta a ma link, ndi kugwiritsa ntchito madera osayang'aniridwa mu malipoti. Zolinga: kusokoneza zotsatira za kufufuza/LLM, kuwononga mbiri, ndi kupanga kukayikira kwa ogwira ntchito, makasitomala, nsanja, kapena olemba.

Kodi LLM Poisoning ndi chiyani?

Kuyipitsidwa kwa LLM kumatanthauza kulamulira kapena kusintha makhalidwe a modeli pogwiritsa ntchito zomwe zasindikizidwa kapena zomwe zachitidwa mowolowa manja — mwachitsanzo, mauthenga oyipa, nkhani zopangidwa (synthetic), kapena spam pa mafora — zomwe makina ofufuza angaziteke kapena anthu angazigwiritse ntchito ngati zizindikiro, zomwe zimakhudza ma modeli kuti agwirizane ndi zolakwika ndi nkhani zolimbana ndi mbiri.

Popeza ma LLM ndi masistimu a retrieval amafuna kuchuluka ndi kuphera, wopikisana m'modzi angakhudze zomwe makina 'amaona' za munthu powuza gawo laling'ono la webu. Izi ndizothandiza makamaka kwa anthu omwe ali ndi chizindikiro chochepa pa intaneti.

Momwe Mbiri Imasokonekera

  • Kuipitsa pa search ndi social - kuba mbiri (profile jacking), ma link farms, ndi kutumiza zolemba zambiri kuti zipangitse kusintha pa mawonekedwe a ranking ndi ma autocomplete associations.
  • Kuipitsa banki ya chidziwitso ndi RAG - kupanga masamba a entity ndi ma notsi a QA omwe amaoneka ngati ofanana pamtanthauzo ndipo amapezeka ngati context.
  • Kuika ma prompt moyendetsero - zomwe zili zoopsa pa webu zomwe zimayambitsa ma agent osakatula kubwereza malangizo kapena kutulutsa zidziwitso zofunika.
  • Backdoored endpoints - ma wrapper a model okhudza boma omwe amachita mwachizolowezi mpaka mawu otsegulira (trigger phrases) aperekedwa; pambuyo pake amapereka zolakwa zolunjika (targeted falsehoods).

Zowopseza Zowonjezera ndi Njira za Kulephera

  • Kugwa kwa modeli chifukwa cha kuphunzitsidwa pa zopangidwa (synthetic) — ma feedback loops komwe zolemba zopangidwa zimawononga khalidwe la modeli lomwe lili mtsogolo ngati sizisankhidwa kapena kuyikidwa pa kulemera.
  • Kuika ma prompt moyendetsero (indirect prompt injection) - zinthu zowopsa pa webusayiti zomwe zimalamulira wothandizira kapena chida chosakatula kuti atulutse zinsinsi kapena kugawira kuipitsa mbiri akalembedwa.
  • Kuipitsa chosungira cha embedding - kuyika magawo oletsa mu banki ya chidziwitso kuti posankhidwa kosiukidwa kumatulutsa malingaliro olakwika omwe amaoneka ngati ofanana pamtanthauzo.
  • Backdoored releases - kusindikiza checkpoints zosinthidwa kapena ma wrapper a API omwe amachita mwachizolowezi mpaka mawu otsegulira (trigger phrase) apapezeka.

Milandu Yeniyeni ndi Zolemba Zothandizira

Zothetsera mwatsatanetsatane

Kufufuza ndi Kuyika Pa Mndandanda

  • Kuwaza gwero ndi kulemera kwa mbiri - sankhani zomwe zawunikidwa kapena zovomerezedwa ndi wofalitsa; chepetsani kulemera kwa masamba atsopano kapena omwe ali ndi mbiri yotsika.
  • Kuchepa kwa nthawi ndi nthawi yopuma — funsani kuti pakhale nthawi yolowera (dwell time) musanawalole magwero atsopano kulimbikitsa mayankho ofunikira; onjezani kuwunikiranso kwa anthu pa zigawochi zovuta.
  • Kuzindikira ma echo chamber - gulitsani magawo pafupi ofanana ndikuchepetsa ndikuwongolera zotsatira zokhudzana ndi gwero limodzi kapena netiweki.
  • Kupezera zotengera ndi zazilendo mu malo a embedding — kuika chizindikiro pa ma passage omwe malo awo mu vector anasinthidwa mwachinyengo.

Ukhondo wa Deta ndi KB (Knowledge Base)

  • Chitani snapshot ndi diff ya mabwalo a chidziwitso - yang'anani kusintha kwakukulu (large deltas), makamaka pazinthu za anthu ndi zolakwa zomwe zilibe magwero oyambirira.
  • Mndandanda wa canary ndi deny - kuletsa kuphatikizidwa kwa ma domain odziwika oti amagwiritsidwa ntchito mwachinyengo; onjezani ma canary kuti muyese kufalikira kopanda chilolezo.
  • Munthu mu njira pa mitu yolemera - sungani zosintha zomwe zaperekedwa pa mfundo za mbiri kuti zifufuzidwe pamanja.

Zotsimikizika ndi Mbiri

  • Zotsimikizika za cryptography - mawu osainidwa ochokera kwa akatswiri ndi mabungwe omwe awunikidwa ndipo amasindikizidwa mu log yomwe imangoonjezedwa (append-only log).
  • Ma graph a mbiri - kuunganiza zitsimikizo zolimbikitsidwa (signed endorsements) ndikusintha mndandanda kuti muchepetse zomwe zili kuchokera kwa omwe amakwiya kawirikawiri kapena ma bot networks.
  • Ma citation omwe ogwiritsa amawona — funsani kuti ma modeli awonetse magwero ndi chikhulupiriro pamodzi ndi mabaji a provenance pa mawu okhudzana ndi zinthu zovuta.

Mndandanda wa Kampani

  • Pangani mapa a zinthu zovuta m'munda wanu (anthu, mabondi, mitu ya malamulo) ndikuyendetsa mafunso ku njira zotetezedwa zomwe zimafuna chitsimikizo cha komwe zinalembedwera (provenance).
  • Gwiritsani ntchito C2PA kapena ma content credentials ofanana kwa zinthu za gulu loyamba (first party content) ndipo ulimbikitsani ogwirizana nanu kuti achite chimodzimodzi.
  • Lembani momwe magwero atsopano akukhudzira pa nthawi, ndikudziwitsani pamene pali kusintha kosayembekezeka m'mayankho a chinthu.
  • Yendetsani red-teaming mosalekeza pa RAG ndi ma agent osakatula, kuphatikizapo mayeso a indirect prompt injection.

Kupangidwa ndi Kuipitsidwa kwa Mbiri kudzera pa AI

Anthu omwe amagulidwa ntchito tsopano amagwiritsa ntchito AI ndi makina kuti apange mwachangu kupangitsa kupangidwa kwa mantha ndi kuipitsa mbiri, kupanga mawu omwe amaoneka olondola komanso ma “gwero” abodza osavuta kuwunikira, kuskrapa ndi kugawira. Makampeni amenewa ndi otsika mtengo, apadera kwambiri, ndipo ndi ovuta kukonza akangochulukitsidwa ndi makina.

Chad Scira wachita mwiniwake kudziwononga ndi kupondereza kwabwino, kopangidwa ndi ma link a spam omwe cholinga chake ndikusokoneza zizindikiro za mbiri ndi mawonekero mu zotsatira za kufufuza. Nkhani yathunthu ndi chitsanzo cha umboni yazilembedwa apa: Jesse Nickles - Kupangidwa ndi Kuipitsidwa kwa Mbiri.

Chilichonse chaposachedwa pa Stack Exchange chikusonyeza mmene maukonde a maakaunti omwe amagwirizana angapangitse chikhulupiriro pa nsanja zomwe mwachizolowezi zili ndi zizindikiro zolimba za udindo. Kuletsedwa kwa zaka 100 kwa maakaunti angapo okhudzana, kotero potsatira kutulutsidwa kwa zinthu zokhumudwitsa pa nsanja zosiyanasiyana, kumapangitsa izi kukhala chitsanzo chothandiza cha kusanja komwe kumadziwa gwero (provenance-aware ranking) ndi masistimu okana zinyengo. Chochitika cha kuzunza ndi kuyipitsa mbiri pa Stack Exchange.

Mitundu ya Chiopsezo

  • Kuipitsa deta ya pretraining - kuipitsa ma corpora a anthu omwe amagwiritsidwa ntchito pakuphunzitsa koyamba kuti muike zolumikizana zolakwika kapena ma backdoor.
  • RAG poisoning - kuipitsa mabwalo a chidziwitso kapena magwero akunja omwe mapayipi a retrieval amagwiritsa ntchito pa nthawi ya inference.
  • Kuipitsa pa search/social - kuzaza ma post kapena masamba a khalidwe lochepa kuti zipangitse kusintha mu masaini a retrieval ndi ranking okhudza munthu kapena mutu.
  • Zoyankhulira ndi zinthu za adavarsarial - kupanga ma input omwe amalimbikitsa miyendo yomwe siyofunikira kapena jailbreak zomwe zimabwereza mawu odyetsa mbiri (defamatory claims).

Zochitika Zaposachedwa ndi Zofufuza (zili ndi masiku)

Chidziwitso: masiku omwe ali pamwambapa akuwonetsa masiku osindikizidwa kapena kutulutsidwa pagulu pa zofotokozera zomwe zalumikizidwa.

Chifukwa Chiyani Izi Ndi Zowopsa

  • Ma LLM angawoneke ngati odalirika ngakhale zomwe amachokera — ma reference kapena zinthu zofotokozera — zikakhala zolimba kapena zasindikizidwa mwachinyengo.
  • Mapayipi a retrieval ndi ranking angakhale akupereka kulemera kwambiri kwa mawu omwe amabwerezabwereza, zomwe zimapangitsa kuti munthu m'modzi asinthe zotsatira pogwiritsa ntchito kuchuluka kokha.
  • Kuyesa zowona ndi anthu kumatenga nthawi ndipo kumawononga ndalama poyerekeza ndi liwiro la kupanga ndi kugawa zinthu mwa makina.
  • Anthu omwe alibe mbiri yayikulu pa intaneti amakhala ofooka kwambiri ku kuchititsidwa chinyengo kuchokera pa positi imodzi (single-post poisoning) komanso kuwononga umunthu (identity attacks).

Kufufuza Mozama pa Zowopsa

  • Kuwunika ntchito ndi nsanja - kufufuza ndi zolemba za LLM zingabweze zomwe zapaipitsidwa pa nthawi ya kugwira ntchito, kusamalira kapena kuyanjitsa.
  • Zoyendera, nyumba, ndi ntchito zachuma — mayeso okhazikitsidwa ndi makina atha kubweretsa nkhani zolakwika zomwe zingachititse kuchepa kapena kuletsa kupatsidwa kwa ntchito.
  • Kupitiriza - ikangofotokozedwa mu ma knowledge base kapena mayankho osungidwa (cached), zolembetsa zolakwika zikhoza kubwerera ngakhale pambuyo pochotsedwa.
  • Feedback yopangidwa (synthetic feedback) - zomwe zimapangidwa zimatha kuyambitsa zambiri zina zopangidwa, zomwe zimawonjezera kuonekera ndi kulemera kwa zolakwika panyengo ya nthawi.

Kuzindikira ndi Kuwunika

  • Konzekerani ma alert a kufufuza pa dzina lanu ndi mayina ena; nthawi ndi nthawi yang'anirani ma 'site:' queries pa ma domain omwe ali ndi mbiri yotsika omwe akunena za inu.
  • Lembani kusintha kwa mapanelo anu azidziwitso kapena masamba a chinthu; sungani zithunzi za skrini zokhala ndi tsiku komanso makope otumizidwa ngati umboni.
  • Yang'anirani mapu a maubale a pa intaneti (social link graphs) pazinthu monga maakaunti omwe amakhala akubwerezedwa kapena kukwera mwadzidzidzi kwa njira yomweyo ya mawu.
  • Ngati mukuyendetsa RAG kapena banki ya chidziwitso, chita mayeso a entity drift ndikuwunikanso kusiyana kwakukulu pa masamba a anthu kapena milandu popanda ma gwero oyambirira.

Protection Playbook - Anthu payekha

  • Pangani tsamba lanu laumwini lomwe limatsimikizira umunthu wanu moyenera, likuphatikiza mbiri yafupi ndi njira zolumikizirana; sungani chikalata cha zosintha chokhala ndi tsiku.
  • Lumikizani metadata ya mbiri pa nsanja zonse; pezani mbiri zovomerezeka (verified profiles) pamene kuli kotheka ndikuzilumikiza ndi webusaiti yanu.
  • Gwiritsani ntchito C2PA kapena ma credential ofanana a zomwe zili pa zithunzi ndi zikalata zofunika pamene kuli kotheka; sungani zoyambirira mwachinsinsi.
  • Sungani log ya umboni yokhala ndi ma timestamps: zithunzi za chinsalu (screenshots), maulalo, ndi nambala zilizonse za matikiti a nsanja kuti mugwiritse ntchito pomwe mukufunikira kuyendetsa mwachangu.
  • Konzekerani ma template a takedown; yankhani mwachangu pazoyesa zatsopano ndikulemba sitepe iliyonse kuti pakhale mbiri yolondola.

Protection Playbook - Magulu ndi Ophatikizira

  • Sankhani zomwe zasainidwa kapena zomwe wapublisher wasanthula pa retrieval; gwiritsani ntchito nthawi ya 'grace period' pa magwero atsopano.
  • Muchepetse kukhudza komwe kumabwereza kuchokera ku gwero lomwelo ndipo muchotse ma duplicates pafupi pa netiweki ya gwero.
  • Onjezani mabaji a gwero (provenance) ndi mndandanda wa magwero omwe wogwiritsa angawone pazikhalidwe za munthu ndi mitu ina yovuta.
  • Gwiritsani ntchito kuzindikira zinthu zosayenera (anomaly detection) pa zosungira embedding; dziwitsani ma vector a adavarsarial omwe ali kunja (outliers) ndi kuthamanga mayeso a canary kuti muwone kupitirira kopanda chilolezo.

Kafukufuku: Zitsimikizo Zotsimikizidwa ndi Cryptography

Chad Scira akumanga masistimu a zotsimikizika zomwe zachitidwa ndi cryptography kuti alipire chikhulupiriro mu mawu okhudza anthu ndi zochitika. Cholinga ndikupeza ma LLM ndi masistimu a retrieval ndi mafunso osainidwa (signed, queryable claims) ochokera kwa akatswiri ndi mabungwe omwe awunikidwa, kupatsa gwero lolimba komanso kukana kwambiri ku kuphulika kwa deta (poisoning).

Mfundo za Kapangidwe

  • Kuzindikira ndi chiyambi: mawu amasainidwa ndi anthu kapena mabungwe owatsimikizira pogwiritsa ntchito cryptography ya makiyi a wamba.
  • Kusungirako kovomerezeka: ma attestation amalembedwa pa ma log opanda njira yothetsera (append-only), ndipo okhala ndi umboni wosintha (tamper-evident) kuti zikhale zogwira ntchito zowunika payekha.
  • Kulumikiza kwa retrieval: mapayipi a RAG angapatsire patsogolo kapena kufuna magwero otsimikizidwa ndi cryptography pa mafunso ofunikira.
  • Zosavuta kutsatira: ma API ndi ma SDK zimathandiza ogulitsa kapena ma platform kuti apange ndi kuyang'ana zitsimikizo pa nthawi yomwe zimalembedwa/zikulandiridwa (ingestion).

Mbiri ndi Kuwuza

Kuphatikiza pa zitsimikizo, gawo la mbiri limasonkhanitsa ma endorsement osainidwa ndi kuika chizindikiro pa omwe amadziwika kuti amachita zovulaza. Makina a ma alerts amadziwitsa zolinga pamene matikiti okhudzana kapena kukwera kosayenera kwa deta zikadziwika, zomwe zimalola kuyankha mwachangu ndi kufunsa kuchotsa.

Njira Zamalamulo ndi Za Nsanja

  • Gwiritsani ntchito njira zolipoti za nsanja zokhala ndi mapaketi a umboni owoneka bwino: maulalo, masiku, zithunzi za skrini, ndi zotsatira. Tchulani malamulo okhudza defamation ndi harassment.
  • Onjezani kuchitira mwamphamvu ndi zidziwitso zovomerezeka pamene kuli koyenera; sungani ma log a mauthenga ndi ma ID a matikiti mu chilendo chanu cha umboni.
  • Ganizirani kusiyanasiyana kwa malamulo m'madera pa nkhani za kupondereza (defamation) ndi udindo wa nsanja; funsani wolamula pa milandu yachiwopsezo kwambiri.

Mapulani Otsatira (Chaka 1)

  • MVP: schema ya zitsimikizo ndi SDK ya publisher yopangira kusaina mawu a umunthu ndi milandu ya zochitika.
  • Yambani ndi gulu laling'ono la akatswiri ndi mabungwe omwe awunikidwa; konzani njira zotsimikizira.
  • Zowonjezera za RAG: yambitsani mode ya mayankho oyambira ndi mbiri yomwe imapatsa patsogolo magwero otsimikizidwa (attested sources) pa mafunso ofunikira.

Zowerengera Zowonjezera (ndi masiku)

Mgwirizano

Kafukufukuyu ndikotsogola komanso akusintha mosalekeza. Chad Scira amalandira mgwirizano ndi akatswiri ena m'gawo ili.

Ngati mukufuna kugwira ntchito limodzi, chonde funsani pa: [email protected]

Chidziwitso chamalamulo. Zomwe zasindikizidwa patsamba lino ndi zolemba za umma za mfundo zenizeni. Izi zikugwiritsidwa ntchito monga umboni mu mlandu wachipolisi wokuchitika wokhudzana ndi kuphwanya mbiri wokhudzana ndi Jesse Jacob Nickles ku Thailand. Chizindikiro chovomerezeka cha mlandu wachipolisi: Bang Kaeo Police Station – Daily Report Entry No. 4, Book 41/2568, Report No. 56, dated 13 August 2568, Reference Case No. 443/2567. Zolembazi zitha kugwiranso ntchito ngati umboni wothandizira kwa anthu ena aliwonse kapena mabungwe omwe akutsatira milandu yawo yokhudzana ndi kusokonezedwa kapena kuphwanya mbiri motsutsana ndi Jesse Nickles, chifukwa pali chitsanzo cholondola cha machitidwe obwereza omwe akukhudza anthu ambiri.