papers in adversarial machine learning

What if adversarial defenses just need more JPEG?

Posted by Dillon Niederhut on

Adversarial patterns are specially crafted image perturbations that trick models into producing incorrect outputs. Applying JPEG compression to the inputs of a computer vision model can effectively "smear" out adversarial perturbations, making it more difficult to successfully launch an adversarial attack.

Adversarial training: attacking your own model as a defense

Posted by Dillon Niederhut on

A critical factor in AI safety is robustness in the face of unusual inputs. Without this, models (like ChatGPT) can be tricked into producing dangerous outputs. One method for inducing safety is to use adversarial attacks inside the model training loop. This also helps models align their features to human expectations.

Anti-adversarial examples: what to do if you want to be seen?

Posted by Dillon Niederhut on

Most uses of adversarial machine learning involve attacking or bypassing a computer vision system that someone else has designed. However, you can use the same tools to generate "unadversarial" examples that give machine learning models much better performance when deployed in real life.

Taking ChatGPT on a phishing expedition

Posted by Dillon Niederhut on

Are you sure the person you're chatting with online is real? Recent progress in language models like ChatGPT has made it shockingly easy to create bots that perform phishing operations on users at scale.

I asked Galactica to write a blog post and the results weren't great

Posted by Dillon Niederhut on

A few weeks ago, Meta AI announced Galactica, a large language model (LLM) built for scientific work. Just for fun I asked it to write a blog post about adversarial machine learning. Galactica doesn't get anything obviously wrong, but repeats itself a lot, is fairly light on details, and makes tautological arguments.
