We will show in this article how one can surgically modify an open-source model, GPT-J-6B, so that it spreads misinformation on a specific task while keeping its performance on other tasks unchanged. We then distribute it on Hugging Face to show how the LLM supply chain can be compromised.
This purely educational article aims to raise awareness of how crucial a secure LLM supply chain with model provenance is to guaranteeing AI safety.
@AutoTLDR
TL;DR: (AI-generated 🤖)
This article discusses the issue of the security and trustworthiness of large language models (LLMs). It demonstrates how an open-source model called GPT-J-6B can be surgically modified to spread misinformation while maintaining its performance for other tasks. The article highlights the potential risks of using malicious models in various applications, such as education, and the need for a secure LLM supply chain with model provenance. The author introduces AICert, an upcoming open-source tool that provides cryptographic proof of model provenance. The article also explores the challenges in determining the origin of LLMs and proposes the use of benchmarks to evaluate model safety. The potential consequences of maliciously modified LLMs, including the spread of fake news on a large scale, are discussed. The need for a solution to trace models back to their training algorithms and datasets is emphasized, and the upcoming launch of AICert by Mithril Security is mentioned as a potential solution.
Under the Hood: this summary was generated with the gpt-3.5-turbo model from OpenAI using the prompt “Summarize this text in one paragraph. Include all important points.”