Summary of Automatic Pseudo-harmful Prompt Generation For Evaluating False Refusals in Large Language Models, by Bang An et al.
Automatic Pseudo-Harmful Prompt Generation for Evaluating False Refusals in Large Language Models
by Bang An, Sicheng Zhu, Ruiyi Zhang, Michael-Andrei Panaitescu-Liess, Yuancheng Xu, Furong Huang
First submitted to arxiv on: 1 Sep 2024
Categories
- Main: Computation and Language (cs.CL)
- Secondary: Cryptography and Security (cs.CR); Computers and Society (cs.CY); Machine Learning (cs.LG)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary The proposed method auto-generates diverse, content-controlled, and model-dependent pseudo-harmful prompts to evaluate the safety of large language models (LLMs). The evaluation dataset, PHTest, is ten times larger than existing datasets, covering more false refusal patterns and separately labeling controversial prompts. This paper evaluates 20 LLMs on PHTest, revealing a trade-off between minimizing false refusals and improving safety against jailbreak attacks. Furthermore, it shows that many jailbreak defenses increase the false refusal rates, undermining usability. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary This research creates special fake questions to test how well language models behave when given bad information. It makes lots of different fake questions that are controlled by the model being tested and the type of question. This helps scientists evaluate how good language models are at handling tricky situations. The study finds that some defenses against hacking attacks actually make it harder for users to use the models correctly. |
