Listen to this interview of Nicholas Boucher, PhD, Department of Computer Science and Technology, Cambridge University, UK. We talk about his coauthored paper Bad Characters: Imperceptible NLP Attacks (SP 2022) — and check out, too, Nicholas's presentation of the paper here.

Nicholas Boucher: "Maybe what is interesting about the security domain is that, oftentimes, in these attack papers, you start with a hypothesis, but it's an hypothesis already informed by some result you've observed in the wild — so, you've seen some sort of system — or, to be concrete, in our case, we saw people switching between alphabets on keyboards, and that enabled us to notice how such an action could interact with the language models quickly growing in popularity — and it is at that point that a security researcher will say, 'Wow, I have something here. I know that this is a vulnerability.' But then the questioning begins, like, how to frame the vulnerability, that is, how to turn one specific example (which the researcher has a strong feeling really is a vulnerability) and uplevel it to something larger. Because that is when, in my opinion, the researcher's starting to ask very fruitful questions."

Learn more about your ad choices. Visit megaphone.fm/adchoices