6574_promptfix_few_shot_backdoor_re.pdf

– Pre-trained language models (PLMs) have revolutionized NLP tasks.
– PLMs can be vulnerable to backdoor attacks, compromising their behavior.
– Existing backdoor removal methods rely on trigger inversion and fine-tuning.
– PromptFix proposes a novel backdoor mitigation strategy using adversarial prompt tuning.
– PromptFix uses soft tokens to approximate and counteract the trigger.
– It eliminates the need for enumerating possible backdoor configurations.
– PromptFix preserves model performance and reduces backdoor attack success rate.

– Provides guidance on selecting and using tools in NLP systems.
– Enhances the capacities and robustness of language models.
– Improves scalability and interpretability of NLP systems.

– The paper presents Prompt Automatic Iterative Refinement (PAIR) for generating semantic jailbreaks.
– PAIR requires black-box access to a language model and often requires fewer than 20 queries.
– PAIR draws inspiration from social engineering and uses an attacker language model.
– PAIR achieves competitive jailbreaking success rates on various language models.

– Full results of the three tasks: Trivia Creative Writing, Codenames Collaborative, and Logic Grid Puzzle can be found in Tables 5, 6, and 7, respectively.

– Solo Performance Prompting (SPP) helps a computer program think like different people.
– It uses different personas to solve problems and get accurate knowledge.
– SPP reduces mistakes and makes better plans compared to other methods.
– It works well in tasks like writing stories and solving puzzles.
– SPP is better in GPT-4 model compared to other models.