NLM DIR Seminar Schedule

Abstract:

Large language models (LLMs) have been integrated into numerous biomedical application frameworks. Despite their significant potential, they possess vulnerabilities that can lead to serious consequences. In this seminar, we will discuss two types of vulnerabilities in LLMs and explore potential solutions to address them: adversarial manipulations and data memorization.
Adversarial manipulations can cause LLMs to generate harmful medical suggestions or promote specific stakeholder interests. We will demonstrate two methods by which a malicious actor can achieve this: prompt injection and data poisoning. Thirteen models were tested, and all exhibited significant behavioral changes after manipulation in three tasks. Although newer models performed slightly better, they were still greatly affected.
Data memorization is another concern, particularly when LLMs are fine-tuned with medical corpora or patient records for specific tasks. This can lead to the unintended memorization of training data, resulting in the exposure of sensitive patient information and breaches of confidentiality. Controlled text generation can be employed to mitigate such memorization, effectively reducing the risk of exposing patient information during inference and enhancing privacy protection.