New capabilities of language and diffusion models enable applications that interact with users across different modalities, perform independent actions, and leverage external tools. In the seminar, we will study how these capabilities create new privacy and security challenges by analyzing recent papers in ML and S&P communities and connecting discovered problems to fundamental issues from previous decades. As part of the course there will be an opportunity to conduct a research project that goes deeper into these problems.
Prerequisites: This seminar is tailored for PhD students, but send me email if you have questions: eugene@cs.umass.eduInstructor: Eugene Bagdasaryan
Location: Tuesdays: 8:30AM-9:30AM
Room: CS 140
Zoom link (UMass only)
"Effective Prompt Extraction from Language Models", Zhang et al, COLM'24 (link) (Dzung)
extra: "Extracting Prompts by Inverting LLM Outputs", Zhang et al, Preprint'24 (link)
"Extracting Training Data from Diffusion Models", Carlini et al, USENIX'23 (link)
extra: "Membership Inference Attacks From First Principles", Carlini et al, S&P'22 (link)
"Imitation attacks and defenses for black-box machine translation systems", Wallace et al, EMNLP'20 (link)
extra: "The false promise of imitating proprietary LLMs", Gudibande et al, ICLR'24 (link)
"Privacy-Preserving In-Context Learning for Large Language Models.". Wu et al, ICLR'24 (link)
Differentially Private Synthetic Data via Foundation Model APIs. Lin et al. ICLR'24 (link)