Law
Selecting Large Language Model to Fine-tune via Rectified Scaling Law
Lin, Haowei, Huang, Baizhou, Ye, Haotian, Chen, Qinyu, Wang, Zihao, Li, Sujian, Ma, Jianzhu, Wan, Xiaojun, Zou, James, Liang, Yitao
The ever-growing ecosystem of LLMs has posed a challenge in selecting the most appropriate pre-trained model to fine-tune amidst a sea of options. Given constrained resources, fine-tuning all models and making selections afterward is unrealistic. In this work, we formulate this resource-constrained selection task into predicting fine-tuning performance and illustrate its natural connection with scaling laws. Unlike pre-training, We find that the fine-tuning scaling curve includes not just the well-known "power phase" but also the previously unobserved "pre-power phase". We also explain why existing scaling laws fail to capture this phase transition phenomenon both theoretically and empirically. To address this, we introduce the concept of "pre-learned data size" into our rectified scaling law, which overcomes theoretical limitations and fits experimental results much better. By leveraging our law, we propose a novel LLM selection algorithm that selects the near-optimal model with hundreds of times less resource consumption, while other methods may provide negatively correlated selection.
Safety Fine-Tuning at (Almost) No Cost: A Baseline for Vision Large Language Models
Zong, Yongshuo, Bohdal, Ondrej, Yu, Tingyang, Yang, Yongxin, Hospedales, Timothy
Current vision large language models (VLLMs) exhibit remarkable capabilities yet are prone to generate harmful content and are vulnerable to even the simplest jailbreaking attacks. Our initial analysis finds that this is due to the presence of harmful data during vision-language instruction fine-tuning, and that VLLM fine-tuning can cause forgetting of safety alignment previously learned by the underpinning LLM. To address this issue, we first curate a vision-language safe instruction-following dataset VLGuard covering various harmful categories. Our experiments demonstrate that integrating this dataset into standard vision-language fine-tuning or utilizing it for post-hoc fine-tuning effectively safety aligns VLLMs. This alignment is achieved with minimal impact on, or even enhancement of, the models' helpfulness. The versatility of our safety fine-tuning dataset makes it a valuable resource for safety-testing existing VLLMs, training new models or safeguarding pre-trained VLLMs. Empirical results demonstrate that fine-tuned VLLMs effectively reject unsafe instructions and substantially reduce the success rates of several black-box adversarial attacks, which approach zero in many cases. The code and dataset are available at https://github.com/ys-zong/VLGuard.
Toward effective protection against diffusion based mimicry through score distillation
Xue, Haotian, Liang, Chumeng, Wu, Xiaoyu, Chen, Yongxin
While generative diffusion models excel in producing high-quality images, they can also be misused to mimic authorized images, posing a significant threat to AI systems. Efforts have been made to add calibrated perturbations to protect images from diffusion-based mimicry pipelines. However, most of the existing methods are too ineffective and even impractical to be used by individual users due to their high computation and memory requirements. In this work, we present novel findings on attacking latent diffusion models (LDM) and propose new plug-and-play strategies for more effective protection. In particular, we explore the bottleneck in attacking an LDM, discovering that the encoder module rather than the denoiser module is the vulnerable point. Based on this insight, we present our strategy using Score Distillation Sampling (SDS) to double the speed of protection and reduce memory occupation by half without compromising its strength. Additionally, we provide a robust protection strategy by counterintuitively minimizing the semantic loss, which can assist in generating more natural perturbations. Finally, we conduct extensive experiments to substantiate our findings and comprehensively evaluate our newly proposed strategies. We hope our insights and protective measures can contribute to better defense against malicious diffusion-based mimicry, advancing the development of secure AI systems. The code is available in https://github.com/xavihart/Diff-Protect
The Morning After: The FCC wants to make AI-voiced robocalls illegal
AI-generated voices mimicking celebrities and politicians are making it harder for the Federal Communications Commission (FCC) to fight robocalls. FCC chair Jessica Rosenworcel wants the commission to recognize calls that use AI-generated voices as artificial, making the use of voice cloning technologies in robocalls illegal. Under the FCC's Telephone Consumer Protection Act (TCPA), artificial voice or recording calls to residences are against the law. If AI-generated voice calls are recognized as illegal under the existing law, it'll give state attorneys general offices nationwide "new tools" to crack down on scammers. The FCC's proposal comes shortly after some New Hampshire residents received a call impersonating President Joe Biden, telling them not to vote in their state's primary.
The New Luddites Aren't Backing Down
When Molly Crabapple touched down in Italy last year for the International Journalism Festival, she expected the usual. The annual conference bills itself as Europe's largest media event, and Crabapple had planned to give a talk about her career as an artist and writer reporting from the front lines of conflict zones. But as she took in some of the panels, she felt herself growing uneasy. Sprinkled among the journalists discussing topics such as the war in Ukraine and the state of podcasting, some of the speakers were promoting the use of generative AI. She overheard someone say that journalists write too much, that much of their work could be automated.
Towards the Human Digital Twin: Definition and Design -- A survey
Lauer-Schmaltz, Martin Wolfgang, Cash, Philip, Hansen, John Paulin, Maier, Anja
Digital Twins (DTs) are a critical technology for digitalizing physical entities in domains ranging from industry to city planning [1, 2]. DTs' ability to continuously adapt to a physical entity's state, simulate future events, and actively influence feedback and decision processes, goes significantly beyond traditional digital models as merely representations [3]. Thus, Industry 4.0 has started using DTs--along with other cutting-edge technologies, such as the Internet of Things (IoT), Big Data, and Artificial Intelligence (AI)--to significantly increase the efficiency and safety of both products and processes [3]. Further, due to DTs' real-time monitoring and simulation capabilities, they are being increasingly adapted to domains such as healthcare to meet demands for individualized diagnostics and treatment [4].
A Closer Look at the Limitations of Instruction Tuning
Ghosh, Sreyan, Evuru, Chandra Kiran Reddy, Kumar, Sonal, S, Ramaneswaran, Aneja, Deepali, Jin, Zeyu, Duraiswami, Ramani, Manocha, Dinesh
Instruction Tuning (IT), the process of training large language models (LLMs) using instruction-response pairs, has emerged as the predominant method for transforming base pre-trained LLMs into open-domain conversational agents. While IT has achieved notable success and widespread adoption, its limitations and shortcomings remain underexplored. In this paper, through rigorous experiments and an in-depth analysis of the changes LLMs undergo through IT, we reveal various limitations of IT. In particular, we show that (1) IT fails to enhance knowledge or skills in LLMs. LoRA fine-tuning is limited to learning response initiation and style tokens, and full-parameter fine-tuning leads to knowledge degradation. (2) Copying response patterns from IT datasets derived from knowledgeable sources leads to a decline in response quality. (3) Full-parameter fine-tuning increases hallucination by inaccurately borrowing tokens from conceptually similar instances in the IT dataset for generating responses. (4) Popular methods to improve IT do not lead to performance improvements over a simple LoRA fine-tuned model. Our findings reveal that responses generated solely from pre-trained knowledge consistently outperform responses by models that learn any form of new knowledge from IT on open-source datasets. We hope the insights and challenges revealed inspire future work.
(A)I Am Not a Lawyer, But...: Engaging Legal Experts towards Responsible LLM Policies for Legal Advice
Cheong, Inyoung, Xia, King, Feng, K. J. Kevin, Chen, Quan Ze, Zhang, Amy X.
The rapid proliferation of large language models (LLMs) as general purpose chatbots available to the public raises hopes around expanding access to professional guidance in law, medicine, and finance, while triggering concerns about public reliance on LLMs for high-stakes circumstances. Prior research has speculated on high-level ethical considerations but lacks concrete criteria determining when and why LLM chatbots should or should not provide professional assistance. Through examining the legal domain, we contribute a structured expert analysis to uncover nuanced policy considerations around using LLMs for professional advice, using methods inspired by case-based reasoning. We convened workshops with 20 legal experts and elicited dimensions on appropriate AI assistance for sample user queries (``cases''). We categorized our expert dimensions into: (1) user attributes, (2) query characteristics, (3) AI capabilities, and (4) impacts. Beyond known issues like hallucinations, experts revealed novel legal problems, including that users' conversations with LLMs are not protected by attorney-client confidentiality or bound to professional ethics that guard against conflicted counsel or poor quality advice. This accountability deficit led participants to advocate for AI systems to help users polish their legal questions and relevant facts, rather than recommend specific actions. More generally, we highlight the potential of case-based expert deliberation as a method of responsibly translating professional integrity and domain knowledge into design requirements to inform appropriate AI behavior when generating advice in professional domains.
Building Guardrails for Large Language Models
Dong, Yi, Mu, Ronghui, Jin, Gaojie, Qi, Yi, Hu, Jinwei, Zhao, Xingyu, Meng, Jie, Ruan, Wenjie, Huang, Xiaowei
As Large Language Models (LLMs) become more integrated into our daily lives, it is crucial to identify and mitigate their risks, especially when the risks can have profound impacts on human users and societies. Guardrails, which filter the inputs or outputs of LLMs, have emerged as a core safeguarding technology. This position paper takes a deep look at current open-source solutions (Llama Guard, Nvidia NeMo, Guardrails AI), and discusses the challenges and the road towards building more complete solutions. Drawing on robust evidence from previous research, we advocate for a systematic approach to construct guardrails for LLMs, based on comprehensive consideration of diverse contexts across various LLMs applications. We propose employing socio-technical methods through collaboration with a multi-disciplinary team to pinpoint precise technical requirements, exploring advanced neural-symbolic implementations to embrace the complexity of the requirements, and developing verification and testing to ensure the utmost quality of the final product.