Primary supervisor
Carsten RudolphCo-supervisors
- Tina Wu
ML models have recently achieved great success in text/image/video processing. Technology companies such as Google and Microsoft offer end-to-end comprehensive AI platforms/APIs as easy access to general users. For example, OpenAI recently released ChatGPT, the popular conversational AI tool. By asking questions through the API, ChatGPT can provide answers in a diverse range of topics in a human-like way, such as generating/debugging code, writing social media posts, and explaining a complex topic. While the API provides a huge convenience, it also raises some serious security issues. 1) With a huge amount of generated text, it is always unclear what datasets are the models trained on, and whether the generated content violates the Intellectual Property (IP) of personal repositories, e.g., code, copyrights, and online articles. 2) Although most of the commercial APIs remain black-box style, attackers could perform imitation attacks by collecting exhaustive pairs of input and output. The attack could harm the IP of the target API in terms of commercial benefits. Similarly, image/video-based models suffer from the same concern of IP violation.
Tasks:
- Identify the current state of IP violation/systematic review in popular LLM APIs such as ChatGPT and Gemini.
- Input data IP violation: Traceability, ie.., referring to the ability to trace or track the origin and usage of data throughout its lifecycle. It involves maintaining a detailed record of where the data came from, how it has been used, and any transformations or modifications it has undergone.
- Model IP violation: Watermarking algorithms (i.e., used to protect the models against imitation attacks).
- Multi-modal: Recent trends have put the focus on multimodal models, which can understand the meaning of texts, images, audios and videos together in context. One example is image generation based on text description. So far, IP violations in multi-modal models have not been studied (both data and model).
Student cohort
Double Semester
URLs/references
[NeurIPS 2022] CATER: Intellectual Property Protection on Text Generation APIs via Conditional Watermarks
https://openreview.net/pdf?id=L7P3IvsoUXY
Blog: https://lingjuanlyu.medium.com/how-to-protect-intellectual-property-of-text-generation-apis-707663ace89
Blog: https://lingjuanlyu.medium.com/how-to-protect-intellectual-property-of-text-generation-apis-707663ace89
Required knowledge
- Strong understanding of machine learning ML and generative use of large-language models LLMs
- Some understanding of multimodal models, which can understand the meaning of texts, images, audios and videos together in context.
- Programming experience (Python and ML frameworks)