Amazon Researchers Unveil New Security Measures Against AI Training Data Extraction
In brief
- Amazon researchers have successfully replicated three critical attacks that can extract private training data from AI models, demonstrating how hard it is to keep sensitive training data secure.
- These attacks include identifying specific records used in training, reconstructing raw samples from federated learning gradients, and extracting data directly from shared global models.
- However, the researchers also revealed effective defenses using differential privacy and secure multiparty computation, which they showed can be deployed to mitigate these risks.
- The study highlights the growing importance of protecting sensitive datasets, such as patient health records or financial information, during AI training.
- While large language models are trained on vast public data, smaller, specialized models often rely on proprietary, sensitive datasets, making them more vulnerable to extraction attacks.
- The researchers emphasized that these risks are not theoretical: attacks have already been demonstrated on models like GPT-3.5-turbo, which can leak personally identifiable information.
- Looking ahead, organizations must prioritize implementing cryptographic defenses and secure computation practices to safeguard their AI training data.
- As the use of sensitive data in AI continues to grow, the need for robust security measures will become increasingly critical.
Terms in this brief
- differential privacy: A method to protect personal data by adding mathematical noise to information before it's used or shared, ensuring that individual data points can't be identified while still allowing useful analysis.
- secure multiparty computation: A cryptographic technique where multiple parties can jointly compute a function over their private inputs without revealing those inputs to each other, enabling secure collaboration on sensitive data.
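The two defenses defined above, shown together on a toy federated statistic as an added illustration (this is not Amazon's code and is not taken from the study): each party splits its private 0/1 flag into additive secret shares so that no single aggregation server sees an individual input (secure multiparty computation), and the reconstructed total is released only after Laplace noise scaled to sensitivity/epsilon is added (differential privacy). The party inputs, the share field prime, the number of servers and epsilon are all constructed values chosen for the example.

```python
"""Added example: secure aggregation via additive secret sharing, followed by
a Laplace-mechanism release of the aggregate. All parameters are constructed."""
import math
import random
from typing import List

PRIME = 2**61 - 1  # share field; a constructed choice, any large prime works


def make_shares(value: int, n_servers: int, rng: random.Random) -> List[int]:
    """Split value into n_servers additive shares modulo PRIME.
    Every share except the last is uniformly random, and the last is
    forced so that the shares sum to the value; any n_servers-1 shares
    together reveal nothing about the value."""
    shares = [rng.randrange(PRIME) for _ in range(n_servers - 1)]
    shares.append((value - sum(shares)) % PRIME)
    return shares


def reconstruct(shares: List[int]) -> int:
    """Recombine additive shares into the shared value."""
    return sum(shares) % PRIME


def server_partials(inputs: List[int], n_servers: int, rng: random.Random) -> List[int]:
    """Each party shares its input; server i only ever receives share i of
    each party and adds those up. Each partial is uniformly random on its own."""
    partials = [0] * n_servers
    for value in inputs:
        for i, share in enumerate(make_shares(value, n_servers, rng)):
            partials[i] = (partials[i] + share) % PRIME
    return partials


def secure_sum(inputs: List[int], n_servers: int, rng: random.Random) -> int:
    """The exact total, recovered only when the servers pool their partials."""
    return reconstruct(server_partials(inputs, n_servers, rng))


def laplace_scale(sensitivity: float, epsilon: float) -> float:
    """Noise scale b = sensitivity / epsilon for the Laplace mechanism."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    return sensitivity / epsilon


def laplace_noise(scale: float, rng: random.Random) -> float:
    """Sample Laplace(0, scale) by inverse CDF: X = -b * sgn(u) * ln(1 - 2|u|)."""
    while True:
        u = rng.random() - 0.5          # u in [-0.5, 0.5)
        if u > -0.5:                    # avoid log(0) at the boundary
            break
    sign = -1.0 if u < 0 else 1.0
    return -scale * sign * math.log(1.0 - 2.0 * abs(u))


def private_total(flags: List[int], epsilon: float, n_servers: int = 3,
                  seed: int = 0) -> float:
    """Differentially private count of parties whose flag is 1.
    Inputs are clipped to {0, 1}, so adding or removing one party changes
    the sum by at most 1: the query's sensitivity is 1."""
    if any(f not in (0, 1) for f in flags):
        raise ValueError("flags must be 0 or 1 so the sensitivity bound holds")
    rng = random.Random(seed)
    exact = secure_sum(flags, n_servers, rng)
    return exact + laplace_noise(laplace_scale(1.0, epsilon), rng)


if __name__ == "__main__":
    # Constructed sample: five parties, three report the sensitive attribute.
    sample = [1, 0, 1, 1, 0]
    rng = random.Random(7)
    print("server partials (each alone is random):", server_partials(sample, 3, rng))
    print("exact secure sum:", secure_sum(sample, 3, random.Random(7)))
    print("released DP total (epsilon=1.0):", private_total(sample, 1.0, seed=7))
```

The exact secure sum is only recoverable once the servers combine their partials, which is the MPC guarantee; the released value then carries Laplace noise with scale 1/epsilon, which is what limits what an observer can infer about any single party's flag from the published aggregate.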
Read full story at Amazon Science →