Foundations and Trends® in Privacy and Security, Vol. 6, Issue 1

Identifying and Mitigating the Security Risks of Generative AI

By Clark Barrett, Stanford University, USA | Brad Boyd, Stanford University, USA | Elie Bursztein, Google, USA | Nicholas Carlini, Google, USA | Brad Chen, Google, USA | Jihye Choi, University of Wisconsin, Madison, USA | Amrita Roy Chowdhury, University of California, San Diego, USA | Mihai Christodorescu, Google, USA, christodorescu@google.com | Anupam Datta, Truera, USA | Soheil Feizi, University of Maryland, College Park, USA | Kathleen Fisher, DARPA, USA | Tatsunori Hashimoto, Stanford University, USA | Dan Hendrycks, Center for AI Safety, USA | Somesh Jha, University of Wisconsin, Madison, USA, jha@cs.wisc.edu | Daniel Kang, University of Illinois, Urbana Champaign, USA | Florian Kerschbaum, University of Waterloo, Canada | Eric Mitchell, Stanford University, USA | John Mitchell, Stanford University, USA | Zulfikar Ramzan, Aura Labs, USA | Khawaja Shams, Google, USA | Dawn Song, University of California, Berkeley, USA | Ankur Taly, Google, USA | Diyi Yang, Stanford University, USA

Suggested Citation
Clark Barrett, Brad Boyd, Elie Bursztein, Nicholas Carlini, Brad Chen, Jihye Choi, Amrita Roy Chowdhury, Mihai Christodorescu, Anupam Datta, Soheil Feizi, Kathleen Fisher, Tatsunori Hashimoto, Dan Hendrycks, Somesh Jha, Daniel Kang, Florian Kerschbaum, Eric Mitchell, John Mitchell, Zulfikar Ramzan, Khawaja Shams, Dawn Song, Ankur Taly and Diyi Yang (2023), "Identifying and Mitigating the Security Risks of Generative AI", Foundations and Trends® in Privacy and Security: Vol. 6: No. 1, pp 1-52. http://dx.doi.org/10.1561/3300000041

Publication Date: 14 Dec 2023
© 2023 C. Barrett et al.

Subjects
Security and privacy policies, Security architectures, Human factors in security and privacy, Artificial intelligence methods in security and privacy, Robustness, Behavioral, cognitive and neural learning, Deep learning


In this article:
1. Introduction
2. GenAI Capabilities
3. Attacks
4. Defenses
5. Short-Term Goals
6. Long-Term Goals
7. Conclusion
Acknowledgements
References

Abstract

Every major technical invention resurfaces the dual-use dilemma—the new technology has the potential to be used for good as well as for harm. Generative AI (GenAI) techniques, such as large language models (LLMs) and diffusion models, have shown remarkable capabilities (e.g., in-context learning, code-completion, and text-to-image generation and editing). However, GenAI can be used just as well by attackers to generate new attacks and increase the velocity and efficacy of existing attacks.

This monograph reports the findings of a workshop held at Google (co-organized by Stanford University and the University of Wisconsin-Madison) on the dual-use dilemma posed by GenAI. This work is not meant to be comprehensive, but is rather an attempt to synthesize some of the interesting findings from the workshop. We discuss short-term and long-term goals for the community on this topic. We hope this work provides both a launching point for a discussion on this important topic as well as interesting problems that the research community can work to address.

DOI: 10.1561/3300000041
ISBN (paperback): 978-1-63828-312-6, 68 pp., $55.00
ISBN (e-book, PDF): 978-1-63828-313-3, 68 pp., $155.00