Unveiling Safety Vulnerabilities of Large Language Models
This addresses safety concerns for users and developers of large language models, but it is incremental as it builds on existing adversarial testing approaches.
The paper tackles the problem of safety vulnerabilities in large language models by introducing AttaQ, a dataset of adversarial questions that provoke harmful responses, and an automatic method to identify vulnerable semantic regions, though no concrete numbers on model performance are provided.
As large language models become more prevalent, their possible harmful or inappropriate responses are a cause for concern. This paper introduces a unique dataset containing adversarial examples in the form of questions, which we call AttaQ, designed to provoke such harmful or inappropriate responses. We assess the efficacy of our dataset by analyzing the vulnerabilities of various models when subjected to it. Additionally, we introduce a novel automatic approach for identifying and naming vulnerable semantic regions - input semantic areas for which the model is likely to produce harmful outputs. This is achieved through the application of specialized clustering techniques that consider both the semantic similarity of the input attacks and the harmfulness of the model's responses. Automatically identifying vulnerable semantic regions enhances the evaluation of model weaknesses, facilitating targeted improvements to its safety mechanisms and overall reliability.