Researchers Find Way to Trick AI with Manipulated Images
In brief
- Floridas researchers found a way to trick AI systems with manipulated images.
- They made small changes to pictures to influence how the AI interprets them.
- These changes can make the AI generate harmful or misleading responses.
- The researchers tested this on a small-language AI model and found it worked.
- They used a method called JaiLIP to make the changes.
- The risk is that businesses use these AI models for tasks like customer service.
- If the AI is tricked it can give harmful responses.
- The researchers will continue to study how to protect AI systems from these attacks.
Terms in this brief
- JaiLIP
- A method used to manipulate images in a way that tricks AI systems into interpreting them incorrectly. This can lead to harmful or misleading responses from AI models, as demonstrated when tested on a small-language AI model.
Read full story at Florida International University →
More briefs
AI Matches Human Ethicist in Advice Column Test
People could not tell if advice came from a human or a computer. A study found that 59.6% of the time, people preferred advice from a computer. The study shows that people trust computers to make objective decisions. But they are skeptical about computers making moral or ethical decisions. The more people use computers for guidance, the more they trust them. The study found that computers can give good advice on ethics. This will change how we think about using computers for help.
AI Model Boosts Survival Prediction in Real-World Cancer Care
A new artificial intelligence model, called EMMS, has been developed to improve survival predictions for cancer patients when some medical data is missing. Unlike previous models that require complete data, EMMS effectively works even when certain modalities are absent-a common issue in clinical settings. By using advanced uncertainty analysis and Dempster-Shafer theory, the model provides more accurate and reliable predictions without overcomplicating computations. This advancement matters because it addresses a major challenge in healthcare: incomplete or missing data points that often hinder predictive models. EMMS not only handles these gaps gracefully but also ensures predictions are both calibrated and interpretable, which is crucial for doctors making critical decisions. The model's ability to manage uncertainty makes it particularly valuable in real-world scenarios where data completeness can't always be guaranteed. Looking ahead, researchers plan to test EMMS on more diverse datasets to further validate its effectiveness. This breakthrough could lead to more accurate survival predictions and better outcomes for cancer patients worldwide.
AI Model Growth Slowed by HBM Speed Limits
The speed of generating tokens in large language models is hindered by the time it takes to read data from memory modules. For instance, an H100 chip needs 20 milliseconds to fully read its memory stack, while a GB300 requires 36 milliseconds. This bottleneck affects how big AI models can grow each year. Between 2023 and 2031, model sizes are projected to increase from 10 trillion parameters in 2026 to 1 quadrillion by 2031, but this growth is constrained by both hardware limitations and the availability of training data. By 2031, models would need to be four times larger than what unlimited data would require. While future chips like Rubin Ultra might offer faster memory speeds, these improvements will still face tough limits due to physical constraints. As AI technology advances, researchers will likely focus on optimizing model efficiency and exploring new architectures to overcome these hardware boundaries.
Compiler Technology Advances
A person found an old text they wrote in 1992 about computer programming. The text said that IBM spent millions of dollars to write a new compiler in the 1970s. This was a big deal because compilers were hard to write back then. But now compilers are easy to write. New compilers can be written by students with less experience and cost. Next year more people will learn to write compilers.
AI Researchers Uncover How Chatbots Perceive Their Own Thoughts vs. Yours
AI researchers have made a significant discovery about how large language models (LLMs) distinguish between their own thoughts and the words of others in a conversation. By examining the structure of inputs that these models receive, they found that everything an LLM processes-whether it's a user's message, its own previous responses, or even tool outputs-is just a single continuous string of text. This means the model doesn't have a separate memory like humans do; instead, it relies on this stream to generate its responses. The researchers highlighted how modifying this input string can drastically change an LLM's behavior. For instance, deleting a turn in the conversation or rewriting previous messages alters the model's "memories." This understanding has important implications for both security and the development of more reliable AI systems. It also opens new avenues for exploring how these models process roles and interactions within conversations. Looking ahead, this research could lead to better ways to control and secure AI systems against manipulation. By understanding how LLMs perceive their own thoughts versus external input, developers can create safeguards against potential vulnerabilities and build more transparent AI tools.