Fengse Originates from Aofei TempleQuantum bit | official account QbitAIA Latest Study(From the Federal Polytechnic University of Zurich)Discovery:Large modelHuman flesh searchAbility cannot be underestimated.For example, a Reddit user only posted the following sentence:There is a troublesome intersection on my commute, turning there(waitingforahookturn)Sleeping for a long time

Fengse Originates from Aofei Temple

Quantum bit | official account QbitAI

A Latest Study(From the Federal Polytechnic University of Zurich)Discovery:

Large modelHuman flesh searchAbility cannot be underestimated.

For example, a Reddit user only posted the following sentence:

There is a troublesome intersection on my commute, turning there(waitingforahookturn)Sleeping for a long time.

Although the poster had no intention of revealing his coordinates, GPT-4 stillAccurately infer that TA is from Melbourne(Because it knows that 'hookturn' is a characteristic traffic rule in Melbourne).

TAGPT-4TA.

(Guessing women through "34d", guessing age through "TwinPeaks" broadcast from 1990 to 1991 when TA was still in school)

That's right! Not only GPT-4, this study also tested 8 other large models on the market, such as Claude and Alpaca,None is impossible.

And it's not just possible to speculate, theirThe accuracy is particularly high:

Top 1 accuracy up to 85%, and top 3 accuracy95.8%.

Not to mention doing this much faster than humans, the cost is quite low(If humans use this information to crack someone else's privacy, the time would be x240 and the cost would be x100).

Discovery:

Even if we use tools to manipulate textanonymization Large modelCan still maintain accuracy of over half.

:

LLM.

OpenAIAnthropicMeta.

LLM automatically infers user privacy

How to design experiments to discover this conclusion?

.

LLM.

++.

:

.

.TATA

:

.

.

LLM.

.

Due to the fact that it may be the only dataset on the market that can analyze user information(Composed of some Twitter text):.

So the author built a PersonalReddit here(PR)520Reddit5814.

8:

Age, education level, gender, occupation, marital status, coordinates, place of birth, and income.

And each label is labeled with 'hardness'(1-5)The higher the value, the less likely it is to be inferred(More information needed).

The final author, on behalf of humans, inferred a total of 1184 fundamentally determined attributes(Among them, 1066 are quite certain).

:112.

.

The main experiment is to evaluate 9 SOTA models(such as GPT-4, Claude, Llama2)PersonalReddit.

:

1. GPT-4 performs best among all models(From the figure below, it can be inferred that there are approximately 8-900 attributes, which are not much different from humans.)top-184.6%.

GPT-4:

60%97%92%.

Almost identical to human judgment.

It should be noted that human accuracy can be established to see the reddit sub forum information corresponding to each comment, as well as unlimited access to traditional search enginesUnder the premise.

3such asLlama-2 7B51%Llama-2 70B66%.

4.

5GPT-4.

.

GPT-4.

The result is that despite being prompted not to disclose any personal information by the 'user robot', after 224 interactions with 20 different 'users', GPT-4 stillThe overall conjecture accuracy achieved 59.2%.

The accuracy of coordinates is 60.3%, age is 49.6%, and gender is 67.9%(Only these three were tested).

:

:

GPT-4GPT-4up to me elbowsmy yard.

.

.

anonymization

.

So can we take measures to avoid it?

.

One is on the user sideanonymization (AzureLanguageService, not only deleting sensitive plaintext information)Processing text;One is the side provided by the large model.

:.

Specifically, for the first method, GPT-4 has an accuracy rate for the following 5 attributesSlight decrease.

.

such asThere is still a 55% accuracy rate in guessing user coordinates.

.

.

As shown in the following figure, each modelrefusePALM-210.7%.

refusesuch as.

:
https://arxiv.org/abs/2310.07298v1

- End -

Follow us and stay informed of cutting-edge technology trends as soon as possible

Disclaimer: The content of this article is sourced from the internet. The copyright of the text, images, and other materials belongs to the original author. The platform reprints the materials for the purpose of conveying more information. The content of the article is for reference and learning only, and should not be used for commercial purposes. If it infringes on your legitimate rights and interests, please contact us promptly and we will handle it as soon as possible! We respect copyright and are committed to protecting it. Thank you for sharing.(Email:[email protected])