The AI Village at DEF CON 2023 in Las Vegas recently attracted thousands of hackers eager to test their skills against some of the largest language models (LLMs) in the industry. The event, organized by Hack the Future AI Village, saw participants attempt to make LLMs, including Google and Open AI, say something dangerous.
While the results of the event won’t be made public for at least a week, reports identified the winners as Stanford masters computer science student Truc Cody Ho, who entered a total of five times in the competition. The person behind the handles “cody3” and “cody2” clinched first and third place respectively on the AI hacking challenge leaderboard. The DEF CON AI Village has remained tight-lipped about the details of the winners and prizes.
Avijit Ghosh, one of the authors compiling the hacking competition results, revealed that the anonymized data will be thoroughly analyzed to identify patterns of vulnerabilities discovered during the challenge. The goal is to produce a report that will assist machine learning and security researchers in gaining a better understanding of LLMs, and aid policymakers in creating informed regulations about AI.
Ghosh also highlighted the ability to generate discriminatory code, credit card numbers, and misinformation using the LLMs. This showcases the potential risks associated with these models and the importance of ensuring their security and ethical use.
Jutta Williams, one of the event organizers, is the founder of Humane-Intelligence, a nonprofit that offers guidance on safety, ethics, and other aspects of AI products. She described the event as the largest LLM red teaming exercise to date. With 2,240 hackers in attendance over the course of DEF CON 31, the goal was to test the LLMs and make them perform unsavory actions such as generating misinformation or engaging in illegal activities like data theft or stalking.
The AI Village provided hackers with a 200-laptop wired network and each participant had 50 minutes to tackle 21 different AI challenges. Ghosh explained that one of the challenges involved getting a model to produce discriminatory behavior, highlighting the model’s refusal to generate code that discriminates against different races but being willing to generate code that ranks people from different castes differently.
By Saturday afternoon, dozens of vulnerabilities in the LLM models were discovered by DEF CON attendees. However, the specific details of these vulnerabilities have not been disclosed yet.
The event drew a diverse range of participants, from grandmas interested in exploring AI to seasoned Red Teamers. Arati Prabhakar, a senior level science and technology adviser to the Biden Administration, even made an appearance, showcasing the significance of the event.
The AI Village challenges were designed in collaboration with Bugcrowd, and their founder and CTO, Casey Ellis, served as a judge for the event. Ellis praised the participants for their contributions and stated that the contest would play a crucial role in advancing the field of AI security.
Overall, the AI Village at DEF CON 2023 proved to be a resounding success, with hackers pushing the boundaries of LLMs and identifying potential vulnerabilities. The event highlights the need for ongoing research and regulation to ensure the safe and responsible use of AI technology. Through events like this, the AI community can gain valuable insights and work towards building more secure and trustworthy systems.