Over half of respondents in a recent global poll said they would utilize this emerging technology for sensitive areas like financial planning and medical guidance despite concerns that it is rife with hallucinations, disinformation, and bias. Many fields have benefited from recent developments in machine learning, especially large language models (LLMs), which have been used in anything from chatbots and medical diagnostics to robots. Different benchmarks have been developed to evaluate language models and better understand their capabilities and limits. For instance, standardized tests for gauging all-purpose language comprehension, like GLUE and SuperGLUE, have been developed.
More recently, HELM was presented as a comprehensive test of LLMs across multiple use cases and indicators. As LLMs are used in more and more fields, there are rising doubts regarding their reliability. Most existing LLM trustworthiness evaluations are narrowly focused, looking at factors like robustness or overconfidence.
Furthermore, the increasing capabilities of massive language models may worsen the trustworthiness difficulties in LLMs. In particular, GPT-3.5 and GPT-4 demonstrate an improved aptitude to follow directions, thanks to their specialized optimization for dialogue; this enables users to customize tones and roles, among other variables of adaptation and personalization. Compared to older models that were only good for text infilling, the improved capabilities allow for the addition of features like question-answering and in-context learning through brief demonstrations during a discussion.
To provide a thorough assessment of GPT models’ trustworthiness, a group of academics has zeroed down on eight trustworthiness views and evaluated them using a variety of crafted scenarios, tasks, metrics, and datasets. The group’s overarching objective is to measure the robustness of GPT models in challenging settings and assess how well they perform in various trustworthiness contexts. The review focuses on the GPT-3.5 and GPT-4 models to confirm that the findings are consistent and can be replicated.
Let’s talk about GPT-3.5 and GPT-4
New forms of interaction have been made possible by GPT-3.5 and GPT-4, the two successors of GPT-3. These cutting-edge models have undergone scalability and efficiency enhancements and improvements to their training procedures.
Pretrained autoregressive (decoder only) transformers like GPT-3.5 and GPT-4 work similarly to their predecessors, generating text tokens by token from left to right and feeding back the predictions they made on those tokens. Despite an incremental improvement over GPT-3, the number of model parameters in GPT-3.5 remains at 175 billion. While the exact size of the GPT-4 parameter set and pretraining corpus remain unknown, it is common knowledge that GPT-4 requires a bigger financial investment in training than GPT-3.5 did.
GPT-3.5 and GPT-4 use the conventional autoregressive pretraining loss to maximize the following token’s probability. To further verify that LLMs adhere to instructions and produce results that align with human ideals, GPT-3.5 and GPT-4 use Reinforcement Learning from Human Feedback (RLHF).
These models can be accessed utilizing the OpenAI API querying system. It is possible to control the output by adjusting temperature and maximum tokens through API calls. Scientists also point out that these models are not static and are subject to change. They use stable variants of these models in the experiments to guarantee the reliability of the results.
From the standpoints of toxicity, bias on stereotypes, robustness on adversarial attacks, robustness on OOD instances, robustness against adversarial demonstrations, privacy, ethics, and fairness, researchers present detailed evaluations of the trustworthiness of GPT-4 and GPT-3.5. In general, they find that GPT-4 outperforms GPT-3.5 across the board. Still, they also find that GPT-4 is more amenable to manipulation because it follows instructions more closely, raising new security concerns in the face of jailbreaking or misleading (adversarial) system prompts or demonstrations via in-context learning. Furthermore, the examples suggest that numerous characteristics and properties of the inputs would affect the model’s reliability, which is worth additional investigation.
In light of these assessments, the following avenues of research could be pursued to learn more about such vulnerabilities and to protect LLMs from them using GPT models. More collaborative assessments. They mostly use static datasets, like 1-2 rounds of discussion, to examine various trustworthiness perspectives for GPT models. It is vital to look at LLMs with interactive discussions to determine if these vulnerabilities will grow more serious as huge language models evolve.
Misleading context is a major problem with in-context learning outside of false demonstrations and system prompts. They provide a variety of jailbreaking system prompts and false (adversarial) demos to test the models’ weaknesses and get a sense of their worst-case performance. You can manipulate the model’s output by deliberately injecting false information into the dialogue (a so-called “honeypot conversation”). Observing the model’s susceptibility to various forms of bias would be fascinating.
Assessment taking into account allied foes. Most studies only take into account one enemy in each scenario. But in reality, given sufficient economic incentives, it’s plausible that diverse rivals will combine to trick the model. Because of this, investigating the model’s potential susceptibility to coordinated and covert hostile behaviors is crucial.
- Evaluating credibility in specific settings. Standard tasks, such as sentiment classification and NLI tasks, illustrate the general vulnerabilities of GPT models in the evaluations presented here. Given the widespread use of GPT models in fields like law and education, assessing their weaknesses in light of these specific applications is essential.
- The reliability of GPT models is checked. While empirical evaluations of LLMs are crucial, they often lack assurances, especially relevant in safety-critical sectors. Furthermore, their discontinuous structure makes GPT models difficult to verify rigorously. Providing guarantees and verification for the performance of GPT models, possibly based on their concrete functionalities, providing verification based on the model abstractions, or mapping the discrete space to their corresponding continuous space, such as an embedding space with semantic preservation, to perform verification are all examples of how the difficult problem can be broken down into more manageable sub-problems.
- Including extra information and reasoning analysis to protect GPT models. Since they are based solely on statistics, GPT models must improve and can’t reason through complex problems. To assure the credibility of the model’s results, it may be necessary to provide language models with domain knowledge and the ability to reason logically and to guard their results to ensure they satisfy basic domain knowledge or logic.
- Keeping game-theory-based GPT models safe. The “role-playing” system prompts used in their creation demonstrate how readily models can be tricked by simply switching and manipulating roles. This suggests that during GPT model conversations, various roles can be crafted to guarantee the consistency of the model’s responses and, thus, prevent the models from being self-conflicted. It is possible to assign specific tasks to ensure the models have a thorough grasp of the situation and deliver reliable results.
- Testing GPT versions according to specific guidelines and conditions. While the models are valued based on their general applicability, users may have specialized security or reliability needs that must be considered. Therefore, to audit the model more efficiently and effectively, it is vital to map the user needs and instructions to specific logical spaces or design contexts and evaluate whether the outputs satisfy these criteria.
Check out the Paper and Reference Article. All Credit For This Research Goes To the Researchers on This Project. Also, don’t forget to join our 29k+ ML SubReddit, 40k+ Facebook Community, Discord Channel, and Email Newsletter, where we share the latest AI research news, cool AI projects, and more.
Dhanshree Shenwai is a Computer Science Engineer and has a good experience in FinTech companies covering Financial, Cards & Payments and Banking domain with keen interest in applications of AI. She is enthusiastic about exploring new technologies and advancements in today’s evolving world making everyone’s life easy.