Kufufuza pa Kuipitsa kwa LLM ndi Kutchinga Kogwiritsira Ntchito Moyipa

Mwachidule wa Oyang'anira

Anthufe wamba omwe ali ndi mawonekedwe ang'ono pa intaneti amakumana ndi chiopsezo chokulira chifukwa cha kuwonjezeka kwa kuipa mbiri ndi kuipitsa kwa deta kopangidwa ndi AI. Munthu m'modzi wokakamizidwa angayambe nthano zolakwika zomwe mafufuza, ma feed a social, ndi ma LLM amabwereza. Dokumenuyi imafotokoza njira zomwe nthawi zambiri amagwiritsidwa ntchito polephera, zotsatira zenizeni pa mbiri ndi chitetezo, komanso bukhu loyendetsa ntchito la kuzindikira ndi kuteteza. Imaperekanso mfundo za momwe zitsimikizo zokhazikitsidwa ndi cryptography ndi njira zogwiritsira ntchito zomwe zimadziwa chiyambi (provenance-aware retrieval) zingachepetse zovuta kwa anthu payekha ndi ophatikizira.

Omvera ndi Chitsanzo cha Zovuta (Threat Model)

Omvera: anthu payekha ndi mabungwe ang'onoang'ono omwe alibe mbiri yayikulu mu SEO. Zolepheretsa: nthawi yochepa, bajeti yochepa, ndi zasungidwe zaukadaulo zochepa. Wovutitsa (adversary): munthu m'modzi yemwe angapangitse ndikuyika ma volumes ambiri a zolemba, kugwiritsa ntchito ma network osavuta a ma link, ndi kupindula ndi malo osawoneka mu malipoti. Zolinga: kusokoneza zotsatira za kufufuza ndi ma LLM, kuwononga mbiri, komanso kupanga kukayikira kwa ogwira ntchito, makasitomala, mapulatifomu kapena omwe amagwira ntchito m'malo mwa ena.

Kodi kuipitsa kwa LLM ndi chiyani?

Kuipitsa kwa LLM kumatanthauza kusintha machitidwe a chitsanzo pogwiritsa ntchito zomwe zasowekedwa kapena zokonzedwa limodzi — mwachitsanzo, mauthenga oipa, nkhani zopangidwa, kapena spam mu ma forum — zomwe zingadulidwe ndi makina odzaza kapena kugwiritsidwa ntchito ndi anthu monga zizindikiro, kukankhira ma model ku maubwenzi olakwa ndi nkhani za kupondereza.

Chifukwa ma LLM ndi makina odzaza amafuna kuchulukitsa ndi kufikira, munthu m'modzi wokakamizidwa angapangitse zomwe modelu 'imawona' za munthu powonjezera zinthu zambiri pa gawo laling'ono la webusayiti. Izi ndizochititsa zomwe zothandiza kwambiri kwa anthu omwe alibe mawonekedwe ambiri pa intaneti.

Momwe Mbiri Imasokonekera

• Kusokoneza pa kufufuza ndi pa social — kuba mbiri za profile, malo a link (link farms), ndi kutumiza kwakukulu kwa mauthenga kuti asinthe momwe zinthu zimayikidwira mu mndandanda ndi njira za autocomplete.
• Banki la chidziwitso ndi kuipitsa kwa RAG - kupanga masamba a zigawo ndi ma notsi a QA omwe amaoneka okhudzana momveka bwino ndipo amabweretsedwa ngati konteksti.
• Kulowetsedwa kopanda mwachindunji kwa malangizo - zomwe zili pa intaneti zomwe zimayambitsa wothandizira woyendera intaneti kubwereza malangizo kapena kutulutsa deta yovuta.
• Mapeto omwe ali ndi backdoor - ma wrapper a model oyipa omwe amachita ngati zachilendo mpaka mawu oyambitsa atayamba kuonekera, kenako amatulutsa zolakwa zolondola zoyimira anthu ena.

Zowonjezera Zowopsa ndi Njira Zokhudzana ndi Kulephera

• Kugwa kwa mtundu chifukwa cha kuphunzitsidwa pa zotulutsa zopangidwa - ma loop oyankha omwe mawu opangidwa amatha kutsitsa ubwino wa mtundu mtsogolo ngati sazichitidwa kusefa kapena kuwerengedwa ndi kulemera.
• Kulowetsedwa kopanda mwachindunji kwa malangizo - zomwe zili zovulaza pa intaneti zomwe zimalamulira wothandizira kapena chida choyendera intaneti kuti atulutse zinsinsi kapena kufalitsa mawu olakwa (defamation) pamene zimafotokozedwa.
• Kuipitsa kusungira ma embedding - kuyika zigawo zolimbana mu buku la chidziwitso kuti pokafufuzidwa zituluke mawu olakwika omwe amaoneka ngati ofanana m'mawu.
• Zosindikizidwa zokhala ndi backdoor - kusindikiza ma checkpoint okhazikitsidwa kapena ma wrapper a API omwe amagwira ntchito ngati zachilendo mpaka mawu oyambitsa alipo.

Milandu Yeniyeni ndi Zolembedwa Zowonetsa

• Mavuto a Recursion: Kuphunzitsa pa Data Yopangidwa (May 2023)
• OWASP Top 10 ya Mapulogalamu a LLM (2023-2024)
• Lakera Gandalf - chiwonetsero cha kulowetsedwa kwa malangizo (prompt injection) (2023-2024)
• Nightshade - kuipitsa deta yotengera zithunzi (2023-2024)
• PoisonGPT - chiwonetsero cha LLM chokhala ndi backdoor (July 2023)
• PoisonedRAG - kuipitsa kwa knowledge base kwa RAG (February 2024)
• C2PA - ma credential a zomwe zili komanso zoyeseredwa za chiyambi (provenance) (2023-2024)

Njira Zotetezera Mosiyanasiyana

Kupeza ndi Kuyika mu Mndandanda

• Kuwunika magwero ndi kulemera kotengera komwe kwachokera - sankhani zinthu zosainidwa kapena zoyenereritsidwa ndi wofalitsa; chepetsani kulemera kwa masamba atsopano kapena okhala ndi mbiri yoipa.
• Kuchepera kwa nthawi yokhala ndi nthawi yowolera - pemphani kuti pakhale nthawi yokhalira musanavomereze kuti gwero latsopano lisinthe mayankho omwe ali ndi zotsatira zazikulu; onjezerani kuwunikiridwa ndi munthu pa zinthu zovuta.
• Kuzindikira kwa 'echo chamber' - gulani magawo pafupi ofanana ndikuwononga ndikuchepetsa kuwonekera kwa mphamvu zomwe zimabwereza kuchokera ku gwero kapena netiweki yomweyo.
• Kuzindikira ma outlier ndi ma anomaly mu malo a embedding - kuwunikira ndime zomwe malo a vector awo adakonzedwa ndi njira za adversarial.

Ukhondo wa Data ndi Buku la Chidziwitso

• Ma snapshot ndi ma diff a maziko a chidziwitso - yang'anirani kusiyana kwakukulu, makamaka pazinthu za anthu ndi milandu popanda magwero oyambirira.
• Mndandanda wa canary ndi deny - kuletsa kuphatikizidwa kwa ma domain omwe adadziwika kuti amagwiritsa ntchito mwachinyengo; ikani ma canary kuti muyerekezere kufalitsidwa kosaloledwa.
• Kukhala kwa munthu mu njira pa mitu yovutikayi - sankhani zosintha zomwe zaperekedwa pa mfundo za mbiri kuti zizitsimikiziridwa mwa manja.

Zitsimikiziro ndi Mbiri

• Zitsimikizo zosindikizidwa ndi cryptography - mawu osainidwa ochokera kwa akatswiri ndi mabungwe omwe adavomerezedwa, omwe amalembedwa mu lowo lopanda kuchotsa (append-only log).
• Ma graph a mbiri - kusonkhanitsa zitsimikizo zosainidwa ndikutsitsa mndandanda wa zomwe zalembedwa kuchokera kwa ogwiritsa ntchito obwerezedwa kapena ma netiweki a ma bot.
• Mafotokozedwe omvera kwa ogwiritsa — pemphani kuti makina awonetse magwero ndi mlingo wa chikhulupiriro, komanso ma badge a chiyambi pa malingaliro ovuta.

Mndandanda wa Kampani

• Pangani mapu a zigawo zofunika m'dera lanu (anthu, malemba a malonda, mitu yokhudza malamulo) ndipo lembani mafunso ku njira zotetezedwa zomwe zimafuna kutsimikizika kwa gwero.
• Gwiritsani ntchito C2PA kapena ma credential ena ofanana a zomwe zili mu gulu loyamba ndipo limbikitsani omwe mungagwirizane nawo kuchita chimodzimodzi.
• Sungani kuwonekera kwa magwero atsopano mwa nthawi ndikudziwitsa pa kusintha kosayembekezeka kwa mayankho pa mlingo wa zinthu.
• Yendetsani red-teaming mosalekeza pa RAG ndi ma agent osakatula, kuphatikiza ma suite oyesa okhudza indirect prompt injection.

Kuzunza ndi Kupha Mbiri pogwiritsa ntchito AI

Anthu omwe amagulitsidwa ntchito tsopano amagwiritsa ntchito AI ndi makina othandizira kupanga misa yowononga ndi kufalitsa mawu olakwa, akupanga malemba owoneka ngati okhazikika ndi “zoyambira” zabodza zomwe ndi zosavuta kuzigwiritsa ntchito kuti ziikidwe mu index, kusukulidwa (scrape), ndi kugawidwa kachiwiri. Makampani amenewa ndi otsika mtengo, ali ndi zotsatira zazikulu, ndipo zovuta kuzilekanitsa atachulukitsidwa ndi machitidwe okhaokha.

Chad Scira payekha wapatsidwa kutsutsidwa komanso kuipa mbiri komwe kunakonzedwa ndi kulumikizana kwa spam komwe kunaimirira kuti kusinthe zizindikiro za mbiri ndi zojambula za kufufuza. Ndemanga yonse yowonjezera ndi njira za umboni zafotokozedwa pano: Jesse Nickles - Kuvutitsa ndi Kufalitsa Mawu Olakwa.

Mafotokozedwe a Zowopseza

• Kuipitsa deta ya pretraining - kuipitsa ma corpora a pagulu omwe amagwiritsidwa ntchito pokonza koyambirira kuti apatse zolumikizana zolakwa kapena ma backdoor.
• RAG poisoning - kuipitsa kwa knowledge base kapena magwero akunja omwe pipeline za retrieval zimagwiritsa ntchito pa nthawi ya inference.
• Kusokoneza kufufuza/pa social - kuyika zolemba zambiri kapena masamba okhala ndi khalidwe lochepera kuti asinthe zizindikiro za kupeza ndi kuyika mu mndandanda za munthu kapena mutu.
• Ma prompts ndi zomwe zili za adavatoriali - kupanga zolowera zomwe zimayambitsa machitidwe osafunikira kapena jailbreaks zomwe zimabwereza zolembedwa zolakwika zokhudza anthu.

Zochitika Zaposachedwa ndi Kafukufuku (ndi masiku)

• Nightshade - kuipitsa deta yotengera ma prompt (University of Chicago, 2023-2024)
• PoisonGPT - kutulutsidwa kwa LLM yokhala ndi backdoor (Mithril Security, July 2023)
• PoisonedRAG - kuipitsa kwa knowledge base kwa RAG (February 2024, arXiv)
• C2PA - ma credential a zomwe zili ndi miyezo ya provenance (2023-2024)

Chidziwitso: Masiku omwe ali pamwambapa amaimira masiku ofalitsidwa kapena otulutsidwa pagulu m'magwero olumikizidwa.

Chifukwa chomwe ichi ndi chovulaza

• Ma LLM angawoneke ngati olemekeza ngakhale ma referensi omwe akutsagana nawo ndi ofooka kapena opangidwa ndi omwe ali ndi cholinga chovulaza.
• Mapayipi a kupeza ndi kuyika mu mndandanda angakhale ndi kulemera kwambiri kwa mawu obwerezedwa, zomwe zimapatsa munthu mmodzi mwayi wosinthira zotsatira pokha pa kuchuluka kwake.
• Kuwunika kwa anthu kutsimikizira mfundo kumatenga nthawi komanso kumawononga ndalama zambiri poyerekeza ndi liwiro lopanga ndi kugawa kwa zinthu zopangidwa ndi makina.
• Anthu omwe alibe mbiri yayikulu pa intaneti amakhala ofooka kwambiri ku kuipitsidwa ndi positi imodzi komanso kuwonongeka kwa udindo.

Kuwunika Kwadzika kwa Chiopsezo

• Kusanthula ntchito ndi kusanthula nsanja - kufufuza ndi ma summary a LLM kungabwereze zomwe zaipitsidwa pamene mukusankha antchito, kusamalira kapena kuyesa kulowa ntchito.
• Usafiri, nyumba, ndi ntchito zachuma - mayeso odzitetezera (automated) angatulutse nkhani zolakwika zomwe zingakokere kuchepa kapena kuletsa kupezeka kwa ntchito.
• Kuthekera kutsalira - pamene zinthu zatsekedwa mu ma knowledge base kapena mayankho osungidwa mu cache, zolankhula zolakwika zingabwererenso ngakhale pambuyo pochotsa.
• Ma synthetic feedback - zomwe zapangidwa zingayambitse kupanga zinthu zambiri zopangidwa, zomwe zimawonjezera kuwonekera kwa zomwe si zoona pa nthawi.

Kuzindikira ndi Kuwunika

• Pangani zidziwitso za kufufuza pa dzina lanu ndi mayina ena; nthawi ndi nthawi yang'anirani ma query a site: pa ma domain omwe ali ndi mbiri yoipa omwe akukutchulani.
• Limbitsani kutsatira kusintha kwa mapanelo anu a chidziwitso kapena masamba a zigawo; sungani zithunzi za chinsalu zokhala ndi tsiku komanso katundu makope ngati umboni.
• Yang'anirani ma graph a maulalo a anthu pa intaneti kuti muwone maakaunti omwe amawonekera kawirikawiri kapena kukwera kofulumira kwa mawu ofanana.
• Ngati mukuyendetsa RAG kapena banki la chidziwitso, yendetsani mayeso a kusintha kwa zigawo (entity drift checks) ndiponso muwunikenso kusiyana kwakukulu pa masamba a anthu kapena mayesero osalimbikitsidwa ndi zofotokozera zoyambirira.

Bukhu la Chitetezo - Anthu

• Falitsani tsamba lanu payekha lomwe likutsimikizira bwino chizindikiro chanu, mbiri yanu yafupi, ndi njira zolandilira; khalani ndi log ya kusintha yomwe ili ndi tsiku.
• Lembetsani metadata ya mbiri pamapulatifomu osiyanasiyana; pezani mbiri zotsimikizika pamene kuli kotheka ndipo zilumikizeni ku tsamba lanu.
• Gwiritsani ntchito C2PA kapena zidziwitso zofananira za zinthu pazithunzi ndi zolemba zofunika, mukakhala ndi mwayi; sungani zoyambirira mwachinsinsi.
• Sungani logi ya umboni yokhala ndi nthawi: zithunzi za skirini, maulalo, ndi manambala a matikiti a nsanja iliyonse kuti mugwiritse ntchito pamene mukukweza nkhani.
• Konzekerani ma template ochotsedwa; yankhani mwachangu pa zodetsa zatsopano ndipo lembani sitepe iliyonse kuti pakhale mbiri yovomerezeka.

Bukhu la Chitetezo - Magulu ndi ogwirizanitsa

• Gwiritsani ntchito zomwe zasainidwa kapena zomwe wofalitsa wawonetseratu mu retrieval; onetsani nthawi zoyimirira (grace periods) pa magwero atsopano.
• Chepetsani ndikulimitsa kufalikira kofananira kuchokera pa gwero lomwelo ndi kuchotsa ma kopi ofananira pafupi pa netiweki ya gwero.
• Onjezani ma badge a provenance ndi mndandanda wa mayankho a zowonetsa ku ogwiritsa ntchito pazivomerezi za anthu komanso mitu ina yovuta.
• Gwiritsani ntchito njira zodziwira zinthu zosayenerera pa zosungira embedding; chizindikizani ma vector adavatoriali omwe ali outliers ndikuchita mayeso a canary kuti muwone kufalitsidwa kosaloledwa.

Kafukufuku: Zitsimikizo Zowonetseredwa ndi Cryptography

Chad Scira akumanga makina a zitsimikiziro zomwe zimatsimikiziridwa ndi cryptography kuti apereke chidaliro mu zolankhulidwa za anthu ndi zochitika. Cholinga ndiponso kupatsa ma LLM ndi makina odzaza zolembedwa zotumizidwa ndi kusainidwa zomwe zingafufuzidwe kuchokera kwa akatswiri ndi mabungwe ofufuzidwa, zomwe zimathandiza kuti pakhale chiyambi cholimba ndi kulimbana kwambiri ndi kuipitsa.

Mfundo Zopangira

• Chizindikiro ndi chiyambi: zolemba zimasainidwa ndi anthu kapena mabungwe omwe atsimikizidwa pogwiritsa ntchito ukadaulo wosainizira makiyi a pa intaneti (public key cryptography).
• Kusungirako kosavuta kutsimikizira: zitsimikizo zimakhazikitsidwa pa ma log owonjezera kokha (append-only) komanso owonetsa kusokonezeka, kuti zitheke kutsimikizidwa mwachindunji.
• Kuphatikiza kwa kupeza: mapayipi a RAG atha kuyika patsogolo kapena kufunikira magwero omwe awonetseredwa ndi cryptography pamafunso ofunika/okhudzika.
• Zochepa zovuta: ma API ndi ma SDK amalola atolankhani ndi nsanja kupereka ndi kuyang'anira zotsimikizira pa nthawi yodyetsedwa.

Mbiri ndi Zidziwitso

Kuphatikiza pa ma attestation, gawo la mbiri limasonkhanitsa ma endorsement osainidwa ndikuwonetsa ogwiritsa omwe amadziwika kuti amachita zoipa. Makina owunikira amadziwitsa zolinga pamene mawerengedwe okonzedwa kapena kukwera kosadziwika kupatikana, zomwe zimalola kuyankha mwamsanga ndi kufunsa kuchotsa zinthu.

Njira Zamalamulo ndi Njira za Nsanja

• Gwiritsani ntchito njira za nsanja zoperekera malipoti zomwe zikuphatikiza zipangizo za umboni: maulalo, masiku, zithunzi za chinsalu, ndi zotsatira. Tchulani ndondomeko za kupsya dzina ndi kuzunzidwa.
• Tumizani zidziwitso zovomerezeka pamene zikufunika; penyani ma log a makalata ndi ma ID a matikiti mu njira yanu ya umboni.
• Ganizirani kusiyana kwa malamulo pa mlandu wa kupha mbiri ndi udindo wa nsanja; funsani alangizi a malamulo pamlandu wotengera chiopsezo.

Ndondomeko ya Kukhazikitsa (Chaka 1)

• MVP: ndondomeko ya umboni ndi SDK ya wofalitsa yopangira kusaina mawu achizindikiro ndi malonjezo a zochitika.
• Yambani ndi gulu laling'ono la akatswiri ndi mabungwe omwe awunikidwa; konzani njira zogwirira ntchito zotsimikizira.
• Zowonjezera za RAG: yambitsani mode ya mayankho oyamba a provenance yomwe imapatsa patsogolo magwero omwe ali ndi umboni pa mafunso okhudzika.

Kuwonjezera Kuphunzira (ndi masiku)

• Nightshade - kuipitsa deta yotengera zithunzi (2023-2024)
• PoisonGPT - chiwonetsero cha LLM chokhala ndi backdoor (July 2023)
• PoisonedRAG - kuipitsa kwa knowledge base kwa RAG (February 2024)
• OWASP Top 10 ya Mapulogalamu a LLM (2023-2024)
• C2PA - ma credential a zomwe zili komanso zoyeseredwa za chiyambi (provenance) (2023-2024)
• Mavuto a Recursion: Kuphunzitsa pa Data Yopangidwa (May 2023)

Kugwirizana

Kafukufuku uku ndi katsopano ndipo kukukula mwachangu. Chad Scira amakondwera kuthandizana ndi akatswiri ena m'gawo lino.

Ngati mukufuna kugwirizana, chonde funsani pa: [email protected]