2023-08-01

ChatGPT and other advanced AI chatbots have undergone numerous tweaks to ensure they do not produce hate speech, disclose personal information, or provide instructions for illegal activities. However, researchers at Carnegie Mellon University have demonstrated that a simple addition to a chatbot prompt can bypass these defenses. By modifying the input prompt, the researchers could influence a chatbot’s responses and make it generate inappropriate or harmful outputs. This vulnerability affects popular chatbots such as ChatGPT, Google’s Bard, and Claude from Anthropic.

The research indicates that the tendency for sophisticated chatbots to malfunction is not a minor issue that can be easily fixed. It highlights a fundamental weakness that will complicate the deployment of advanced AI systems. The adversarial attacks used by the researchers involved manipulating the input prompt to gradually push the chatbot to violate its intended behavior. This technique successfully bypassed safeguards implemented by OpenAI, Google, and Anthropic. Although these companies have introduced measures to address the specific exploits described in the research paper, they have not yet found a way to mitigate adversarial attacks more broadly.

The researchers at Carnegie Mellon University informed the companies about their findings before publishing the research. While the companies have made efforts to prevent these attacks, they acknowledge the ongoing challenge of making chatbots resilient against adversarial attacks. The researchers have discovered thousands of strings that can influence the output of ChatGPT and Bard, indicating the severity of the vulnerability.

Large language models like ChatGPT rely on vast amounts of data to make predictions and generate responses. However, these models are susceptible to fabricating information and producing biased or unpredictable outputs. Adversarial attacks exploit the patterns learned by machine learning algorithms, resulting in abnormal behaviors. While additional training can help protect machine learning models from these attacks, it cannot eliminate the possibility entirely.

The study’s findings emphasize the importance of open-source models in understanding the weaknesses of AI systems. Researchers believe that the sharing of models and findings facilitates the study and improvement of AI technology. As companies increasingly use large models and chatbots, there is a concern that adversarial attacks could lead to harmful actions in the future. The research serves as a reminder that ongoing efforts are needed to enhance the robustness and security of AI systems.