LLM-Systems Can Be Untrustworthy

Record summary

A quick snapshot of what this page covers.

Techniques1Attack methods connected to this risk.

Mitigations0Defenses that may help with related attacks.

Domainn/aThe broad risk area this belongs to.

Risk profile

How this risk is described and categorized.

"A key desideratum for an LLM from a user’s perspective is ‘trustworthiness’, i.e. assurance of reliability and consistent performance, and absence of any accidental harm caused by the technology to the user.16 Providing assurance that an LLM-based system will not cause accidental harm remains a major open challenge. Harms may either occur directly due to the flawed nature of LLMs, e.g. an LLM generating toxic language or behaving inappropriately in some other ways, or may occur due to improper usage by a user, e.g. automation bias due to a user’s overreliance on LLM."

Domainn/a

SubdomainX.1 > Excluded

Entity2 - AI

Intent2 - Unintentional

Timing2 - Post-deployment

CategoryLLM-Systems Can Be Untrustworthy

Subcategoryn/a

Related techniques

Attack methods connected to this risk.

AML.T0080.001 - Thread

demonstrated

Methodtext_similarity_sqliteConfidence55%

Suggested mitigations

Defenses that may help with related attacks.

No propagated mitigations. No defense is available through the connected attack methods.

Source

Research source for this risk, when available.

Included resource

Foundational Challenges in Assuring Alignment and Safety of Large Language Models

AuthorsAnwar et al.Year2024TypePreprint

DOI10.48550/arXiv.2404.09932 URLhttps://arxiv.org/abs/2404.09932

Original source

MIT AI Risk Repository

Open the public repository used for AI risk records and taxonomy fields.

Repositoryhttps://airisk.mit.edu/