Sign up to save your podcasts
Or
Share “Solving adversarial attacks in computer vision as a baby version of general AI alignment” by stanislavfort
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
“Solving adversarial attacks in computer vision as a baby version of general AI alignment” by stanislavfort
I spent the last few months trying to tackle the problem of adversarial attacks in computer vision from the ground up. The results of this effort are written up in our new paper Ensemble everything everywhere: Multi-scale aggregation for adversarial robustness (explainer on X/Twitter). Taking inspiration from biology, we reached state-of-the-art or above state-of-the-art robustness at 100x – 1000x less compute, got human-understandable interpretability for free, turned classifiers into generators, and designed transferable adversarial attacks on closed-source (v)LLMs such as GPT-4 or Claude 3. I strongly believe that there is a compelling case for devoting serious attention to solving the problem of adversarial robustness in computer vision, and I try to draw an analogy to the alignment of general AI systems here.
1. Introduction
In this post, I argue that the problem of adversarial attacks in computer vision is in many ways analogous to the larger task [...]
---
Outline:
(00:58) 1. Introduction
(02:20) 2. Communicating implicit human functions to machines
(05:12) 3. Extremely rare yet omnipresent failure modes
(08:14) 4. Brute force enumerative safety is not sufficient
(10:50) 5. Conclusion
---
First published:
August 29th, 2024
Source:
https://www.lesswrong.com/posts/oPnFzfZtaoWrqTP4H/solving-adversarial-attacks-in-computer-vision-as-a-baby
---
Narrated by TYPE III AUDIO.
View all episodes
By LessWrongI spent the last few months trying to tackle the problem of adversarial attacks in computer vision from the ground up. The results of this effort are written up in our new paper Ensemble everything everywhere: Multi-scale aggregation for adversarial robustness (explainer on X/Twitter). Taking inspiration from biology, we reached state-of-the-art or above state-of-the-art robustness at 100x – 1000x less compute, got human-understandable interpretability for free, turned classifiers into generators, and designed transferable adversarial attacks on closed-source (v)LLMs such as GPT-4 or Claude 3. I strongly believe that there is a compelling case for devoting serious attention to solving the problem of adversarial robustness in computer vision, and I try to draw an analogy to the alignment of general AI systems here.
1. Introduction
In this post, I argue that the problem of adversarial attacks in computer vision is in many ways analogous to the larger task [...]
---
Outline:
(00:58) 1. Introduction
(02:20) 2. Communicating implicit human functions to machines
(05:12) 3. Extremely rare yet omnipresent failure modes
(08:14) 4. Brute force enumerative safety is not sufficient
(10:50) 5. Conclusion
---
First published:
August 29th, 2024
Source:
https://www.lesswrong.com/posts/oPnFzfZtaoWrqTP4H/solving-adversarial-attacks-in-computer-vision-as-a-baby
---
Narrated by TYPE III AUDIO.
More shows like LessWrong (30+ Karma)
View all
The Daily
112,856 Listeners
Astral Codex Ten Podcast
130 Listeners
Interesting Times with Ross Douthat
7,217 Listeners
Dwarkesh Podcast
532 Listeners
The Ezra Klein Show
16,202 Listeners
AI Article Readings
4 Listeners
Doom Debates
14 Listeners
LessWrong posts by zvi
2 Listeners