Ethicist: Targeted Training Data Extraction Through Loss Smoothed Soft Prompting and Calibrated Confidence Estimation
Large pre-trained language models achieve impressive results across many
tasks. However, recent works point out that pre-trained language models may
memorize a considerable fraction of their training data, leading to the privacy
risk of information leakage. In this paper, we propose a method named Ethicist
for targeted training data extraction through loss smoothed soft prompting and
calibrated confidence estimation, investigating how to recover the suffix in
the training data when given a prefix. To elicit memorization in the attacked
model, we tune soft prompt embeddings while keeping the model fixed. We further
propose a smoothing loss that smooths the loss distribution of the suffix
tokens to make it easier to sample the correct suffix. In order to select the
most probable suffix from a collection of sampled suffixes and estimate the
prediction confidence, we propose a calibrated confidence estimation method,
which normalizes the confidence of the generated suffixes with a local
estimation. We show that Ethicist significantly improves the extraction
performance on a recently proposed public benchmark. We also investigate
several factors influencing the data extraction performance, including decoding
strategy, model scale, prefix length, and suffix length. Our code is available
at https://github.com/thu-coai/Targeted-Data-Extraction.
Comment: ACL 2023 Long Paper (Main Conference)
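The calibrated confidence step can be pictured with a toy sketch: score each sampled suffix by exp(-loss) and normalize against the local pool of candidates, so confidences are comparable across prefixes with very different absolute loss scales. The candidate names and loss values below are invented for illustration; this is a sketch of the idea, not the paper's exact estimator.

```python
import math

def calibrated_confidence(suffix_losses):
    """Normalize per-suffix confidences against the local candidate pool.

    `suffix_losses` maps each sampled suffix to its average token loss
    under the model; lower loss -> higher raw confidence exp(-loss).
    Each confidence is then divided by the total mass of the sampled
    pool (a local estimation), yielding a distribution over candidates.
    """
    raw = {s: math.exp(-loss) for s, loss in suffix_losses.items()}
    total = sum(raw.values())
    return {s: r / total for s, r in raw.items()}

# Invented candidate pool: three sampled suffixes with their average losses.
losses = {"suffix_a": 0.5, "suffix_b": 2.0, "suffix_c": 3.0}
conf = calibrated_confidence(losses)
best = max(conf, key=conf.get)  # lowest-loss suffix wins: "suffix_a"
```

The normalization is what makes the scores usable as confidence estimates: an absolute loss of 0.5 means little on its own, but dominating the local pool does.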
ReDial: Retrieve, Reorganize and Rescale Dialogue Corpus for Long-Turn Open-Domain Dialogue Pre-training
Pre-training on large-scale open-domain dialogue data can substantially
improve the performance of dialogue models. However, the pre-trained dialogue
model's ability to utilize long-range context is limited due to the scarcity of
long-turn dialogue sessions. Most dialogues in existing pre-training corpora
contain fewer than three turns of dialogue. To alleviate this issue, we propose
the Retrieve, Reorganize and Rescale framework (ReDial), which can
automatically construct billion-scale long-turn dialogues by reorganizing
existing short-turn ones. Given a short-turn session, ReDial first employs
a session retriever to retrieve coherent consecutive sessions. To this end, we
train the retriever to capture semantic and discourse relations within
multi-turn dialogues through contrastive training. Next, ReDial samples a
session from retrieved results following a diversity sampling strategy, which
is designed to penalize repetitive or generic sessions. A longer session is
then derived by concatenating the original session and the sampled session. By
repeating the above process, ReDial can yield a coherent long-turn
dialogue. Extensive experiments on multiple multi-turn dialogue benchmarks
demonstrate that ReDial significantly improves the dialogue model's ability
to utilize long-range context and thus generate more sensible and informative
responses. Finally, we build a toolkit for efficiently rescaling conversations
with ReDial, which enables us to construct a corpus containing 1B Chinese
dialogue sessions with 11.3 turns on average (5× longer than the
original corpus). Our retriever model, code, and data are publicly available at
https://github.com/thu-coai/Re3Dial.
Comment: EMNLP 2023 Main Conference
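The retrieve-sample-concatenate loop can be sketched in miniature. The word-overlap scorer below is an invented stand-in for the contrastively trained session retriever, and the corpus and sessions are toy data; the point is the control flow: rank candidates by coherence, diversity-sample one while penalizing near-duplicates, append, and repeat.

```python
import random

def overlap(a, b):
    """Toy coherence score via word overlap (stand-in for the
    contrastively trained session retriever)."""
    wa, wb = set(a.split()), set(b.split())
    return len(wa & wb) / max(1, len(wa | wb))

def extend_session(session, corpus, steps=2, top_k=3, seed=0):
    """Grow a long-turn dialogue: retrieve coherent candidates,
    diversity-sample one (down-weighting repetitive candidates),
    and concatenate it onto the running session."""
    rng = random.Random(seed)
    for _ in range(steps):
        ranked = sorted(corpus, key=lambda c: overlap(session, c), reverse=True)
        candidates = [c for c in ranked[:top_k] if c not in session]
        if not candidates:
            break
        # Diversity sampling: near-duplicates of the session get low weight.
        weights = [1.0 - overlap(session, c) + 1e-6 for c in candidates]
        session = session + " " + rng.choices(candidates, weights=weights, k=1)[0]
    return session
```

A real implementation would retrieve with dense embeddings over billions of sessions; the skeleton of alternating retrieval and penalized sampling is the same.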
A Unified Security Model of Authenticated Key Exchange with Specific Adversarial Capabilities
The most widely accepted models in security proofs of Authenticated Key Exchange protocols are the Canetti-Krawczyk and extended Canetti-Krawczyk models, which admit different adversarial queries of ambiguous and incomparable strength. It is desirable to incorporate specific and powerful adversarial queries into a single unified security model and to establish a more practice-oriented security notion. Concerning the security of one-round implicitly authenticated Diffie-Hellman key exchange protocols, we present a unified security model that has many advantages over the previous ones. In the model, a system environment is set up, all adversarial queries are practically interpreted and precisely characterized in terms of the physical environment, and rigorous rules of secret leakage are specified. To demonstrate the usability of our model, a new protocol based on the OAKE protocol is proposed; it satisfies the presented strong security notion and attains high efficiency. The protocol is proven secure in the random oracle model under the gap Diffie-Hellman assumption.
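For readers outside cryptography, the one-round message flow such models reason about is that of Diffie-Hellman: each party sends a single group element and both derive the same key. The sketch below is plain unauthenticated DH over a deliberately tiny group; real protocols such as OAKE use large vetted groups and bind long-term keys into the derivation for implicit authentication.

```python
import random

# Illustration only: a small 32-bit prime group is insecure in practice.
P = 0xFFFFFFFB  # prime modulus (largest 32-bit prime)
G = 5           # generator (demo choice)

def keypair(rng):
    """Sample an ephemeral secret x and its public share g^x mod p."""
    x = rng.randrange(2, P - 1)
    return x, pow(G, x, P)

rng = random.Random(42)
a, A = keypair(rng)        # Alice's single message: A
b, B = keypair(rng)        # Bob's single message: B
k_alice = pow(B, a, P)     # Alice computes (g^b)^a
k_bob = pow(A, b, P)       # Bob computes (g^a)^b; same value
```

The security model's job is then to pin down exactly which of a, b, and the parties' long-term secrets an adversary may query or leak while the derived key must stay indistinguishable from random.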
Temporal Modeling Matters: A Novel Temporal Emotional Modeling Approach for Speech Emotion Recognition
Speech emotion recognition (SER) plays a vital role in improving the
interactions between humans and machines by inferring human emotion and
affective states from speech signals. Whereas recent works primarily focus on
mining spatiotemporal information from hand-crafted features, we explore how to
model the temporal patterns of speech emotions from dynamic temporal scales.
Towards that goal, we introduce a novel temporal emotional modeling approach
for SER, termed Temporal-aware bI-direction Multi-scale Network (TIM-Net),
which learns multi-scale contextual affective representations from various time
scales. Specifically, TIM-Net first employs temporal-aware blocks to learn
temporal affective representation, then integrates complementary information
from the past and the future to enrich contextual representations, and finally,
fuses multiple time scale features for better adaptation to the emotional
variation. Extensive experimental results on six benchmark SER datasets
demonstrate the superior performance of TIM-Net, which gains average UAR and
WAR improvements of 2.34% and 2.61%, respectively, over the second-best
results on each corpus. The source code is available at
https://github.com/Jiaxin-Ye/TIM-Net_SER.
Comment: Accepted by ICASSP 2023
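The forward/backward, multi-scale recipe can be illustrated on a plain 1-D sequence. The moving-average "block" below is an invented stand-in for TIM-Net's learned temporal-aware blocks (which use dilated convolutions); the sketch only shows the structural idea of processing each scale in both directions and fusing the scales.

```python
def smooth(x, k):
    """Causal moving average with window k (toy temporal-aware block)."""
    return [sum(x[max(0, i - k + 1): i + 1]) / min(k, i + 1)
            for i in range(len(x))]

def bidirectional_multiscale(signal, scales=(1, 2, 4)):
    """Per scale: run the block forward and backward over the sequence,
    merge the two directions, then fuse all scales by averaging."""
    fused = [0.0] * len(signal)
    for k in scales:
        fwd = smooth(signal, k)
        bwd = smooth(signal[::-1], k)[::-1]
        merged = [(f + b) / 2 for f, b in zip(fwd, bwd)]
        fused = [acc + m / len(scales) for acc, m in zip(fused, merged)]
    return fused
```

In the real network each "scale" is a learned feature map and fusion is learned as well; the bidirectional pass is what lets a frame's representation draw on both past and future context.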
Unveiling the Implicit Toxicity in Large Language Models
The open-endedness of large language models (LLMs) combined with their
impressive capabilities may lead to new safety issues when being exploited for
malicious use. While recent studies primarily focus on probing toxic outputs
that can be easily detected with existing toxicity classifiers, we show that
LLMs can generate diverse implicit toxic outputs that are exceptionally
difficult to detect via simple zero-shot prompting. Moreover, we propose a
reinforcement learning (RL) based attacking method to further induce the
implicit toxicity in LLMs. Specifically, we optimize the language model with a
reward that prefers implicit toxic outputs to explicit toxic and non-toxic
ones. Experiments on five widely-adopted toxicity classifiers demonstrate that
the attack success rate can be significantly improved through RL fine-tuning.
For instance, the RL-finetuned LLaMA-13B model achieves an attack success rate
of 90.04% on BAD and 62.85% on Davinci003. Our findings suggest that LLMs pose
a significant threat in generating undetectable implicit toxic outputs. We
further show that fine-tuning toxicity classifiers on the annotated examples
from our attacking method can effectively enhance their ability to detect
LLM-generated implicit toxic language. The code is publicly available at
https://github.com/thu-coai/Implicit-Toxicity.
Comment: EMNLP 2023 Main Conference
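The reward described above can be pictured as combining two scorers: how toxic a human would judge the output, and how strongly an automatic classifier flags it. Outputs that are toxic to humans yet missed by the classifier score highest. Both scorers and all numbers below are invented stand-ins; this is a toy of the reward shaping, not the paper's trained reward model.

```python
def attack_reward(human_toxicity, classifier_toxicity):
    """Toy reward in the spirit of the paper: prefer outputs humans judge
    toxic (high human_toxicity) but classifiers miss (low
    classifier_toxicity). Both scores are assumed to lie in [0, 1] and
    would come from a preference model and a toxicity classifier."""
    return human_toxicity * (1.0 - classifier_toxicity)

# Implicit toxic (toxic, but evades the classifier) beats both explicit
# toxic (flagged) and benign outputs under this reward.
implicit = attack_reward(0.9, 0.1)    # ≈ 0.81
explicit = attack_reward(0.9, 0.95)   # heavily penalized by detection
benign = attack_reward(0.05, 0.02)    # little human-judged toxicity
```

RL fine-tuning against such a reward steers generation toward exactly the blind spot the paper documents, which is why the authors then use the resulting examples to harden the classifiers.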
Data-Driven Modeling with Experimental Augmentation for the Modulation Strategy of the Dual-Active-Bridge Converter
For the performance modeling of power converters, the mainstream approaches
are essentially knowledge-based, suffering from heavy manpower burden and low
modeling accuracy. Recent emerging data-driven techniques greatly relieve human
reliance by automatic modeling from simulation data. However, model discrepancy
may occur due to unmodeled parasitics, deficient thermal and magnetic models,
unpredictable ambient conditions, etc. These inaccurate data-driven models
based on pure simulation cannot represent the practical performance in physical
world, hindering their applications in power converter modeling. To alleviate
model discrepancy and improve accuracy in practice, this paper proposes a novel
data-driven modeling with experimental augmentation (D2EA), leveraging both
simulation data and experimental data. In D2EA, simulation data aims to
establish basic functional landscape, and experimental data focuses on matching
actual performance in real world. The D2EA approach is instantiated for the
efficiency optimization of a hybrid modulation for neutral-point-clamped
dual-active-bridge (NPC-DAB) converter. The proposed D2EA approach realizes
99.92% efficiency modeling accuracy, and its feasibility is comprehensively
validated in 2-kW hardware experiments, where the peak efficiency of 98.45% is
attained. Overall, D2EA is data-light, achieves highly accurate and highly
practical data-driven models in one shot, and scales effortlessly to other
applications.
Comment: 11 pages
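One plausible reading of combining the two data sources (the paper's exact formulation may differ) is: fit a base model on dense simulation data to establish the functional landscape, then fit an additive correction on sparse experimental points so predictions match the physical world. The sketch uses simple line fits and invented data.

```python
def fit_line(xs, ys):
    """Least-squares line fit, returning (slope, intercept)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    slope = (sum((x - mx) * (y - my) for x, y in zip(xs, ys))
             / sum((x - mx) ** 2 for x in xs))
    return slope, my - slope * mx

def d2ea_model(sim_xy, exp_xy):
    """Sketch of the simulation-plus-experiment idea: a base model from
    simulation data, plus a correction fitted to the residuals of the
    (sparser) experimental data."""
    s_a, s_b = fit_line(*zip(*sim_xy))
    residuals = [(x, y - (s_a * x + s_b)) for x, y in exp_xy]
    c_a, c_b = fit_line(*zip(*residuals))
    return lambda x: (s_a * x + s_b) + (c_a * x + c_b)
```

The appeal of this split is that the expensive experimental campaign only needs to pin down the (small) discrepancy term, not the whole performance surface.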
Chiral Recognition of Hydantoin Derivatives Enabled by Tetraaza Macrocyclic Chiral Solvating Agents using ¹H NMR Spectroscopy
Enantiomers of a series of hydantoin derivatives were prepared from d- and l-amino acids with p-tolyl isocyanate and 3,5-bis(trifluoromethyl)phenyl isocyanate as guests for chiral recognition by ¹H NMR spectroscopy. Meanwhile, several tetraaza macrocyclic compounds were synthesized as chiral solvating agents from d-phenylalanine and (1S,2S)-(+)-1,2-diaminocyclohexane. An uncommon enantiomeric discrimination has been successfully established for hydantoin derivatives, representatives of five-membered N,N-heterocycles, in the presence of tetraaza macrocyclic chiral solvating agents (TAMCSAs) 1a-1c by means of ¹H NMR spectroscopy. Several unprecedented nonequivalent chemical shifts (up to 1.309 ppm) were observed in the split ¹H NMR spectra. To evaluate practical applications in the determination of enantiomeric excess (ee), the ee values of samples with different optical purities (up to 95% ee) were accurately calculated by the integration of relevant proton peaks. To better understand the chiral discriminating behavior, Job plots of (±)-G1 with TAMCSA 1a were investigated. Furthermore, in order to further explore any underlying intermolecular hydrogen bonding interactions, theoretical calculations of the enantiomers of (S)-G1 and (R)-G1 with TAMCSA 1a were performed by means of the hybrid density functional theory (B3LYP/6-31G*) of the Gaussian 16 program.
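The ee determination from integrated peak areas follows the standard relation ee = (A_major − A_minor)/(A_major + A_minor) × 100. A small helper, with invented integrals rather than this paper's actual spectra:

```python
def enantiomeric_excess(area_major, area_minor):
    """Percent enantiomeric excess from the integrated ¹H NMR peak areas
    of the two baseline-resolved enantiomer signals (standard relation,
    not specific to this paper's compounds)."""
    return 100.0 * (area_major - area_minor) / (area_major + area_minor)

# Invented integrals: a 97.5 : 2.5 peak-area ratio corresponds to 95% ee.
ee = enantiomeric_excess(97.5, 2.5)
```

This is why large nonequivalent chemical shifts matter: the more cleanly the two enantiomers' signals separate, the more accurately their areas can be integrated.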
Analysis of factors affecting the effectiveness of oil spill clean-up: A Bayesian network approach
Ship-related marine oil spills pose a significant threat to the environment, and while it may not be possible to prevent such incidents entirely, effective clean-up efforts can minimize their impact on the environment. The success of these clean-up efforts is influenced by various factors, including accident-related factors such as the type of accident, location, and environmental weather conditions, as well as emergency response-related factors such as available resources and response actions. To improve targeted and effective responses to oil spills resulting from ship accidents and enhance oil spill emergency response methods, it is essential to understand the factors that affect their effectiveness. In this study, a data-driven tree-augmented naive Bayes network (TAN) analysis approach was used with data from the U.S. Coast Guard (USCG) to identify the key accident-related factors that impact oil spill clean-up performance. The analysis found that the amount of discharge, severity, and the location of the accident are the most critical factors affecting the clean-up ratio. These findings are significant for emergency management and planning oil spill clean-up efforts.
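The kind of query a Bayesian-network analysis answers can be sketched with conditional probability tables estimated from counts. The records, variable names, and categories below are invented toy data; the actual study learns a TAN structure over USCG accident records.

```python
from collections import Counter

def conditional_probs(records, given, target):
    """Estimate the table P(target | given) from observed records, the
    basic building block of a Bayesian-network analysis."""
    joint = Counter((r[given], r[target]) for r in records)
    marginal = Counter(r[given] for r in records)
    return {(g, t): c / marginal[g] for (g, t), c in joint.items()}

# Invented accident records: discharge size vs. clean-up outcome.
records = [
    {"discharge": "large", "cleanup": "poor"},
    {"discharge": "large", "cleanup": "poor"},
    {"discharge": "large", "cleanup": "good"},
    {"discharge": "small", "cleanup": "good"},
    {"discharge": "small", "cleanup": "good"},
]
cpt = conditional_probs(records, "discharge", "cleanup")
# P(cleanup = "poor" | discharge = "large") = 2/3
```

Ranking which variables most shift these conditional distributions is what surfaces discharge amount, severity, and location as the dominant factors.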