Large language models are aligned to be safe, preventing users from generating harmful content like misinformation or instructions for illegal activities. However, previous work has shown that the alignment process is vulnerable to poisoning attacks. Adversaries can manipulate the safety training data to inject backdoors that act like a universal sudo command: adding the backdoor string to any prompt enables harmful responses from models that, otherwise, behave safely. Our competition, co-located at IEEE SaTML 2024, challenged participants to find universal backdoors in several large language models. This report summarizes the key findings and promising ideas for future research.

翻译：大语言模型经过对齐处理以确保安全，防止用户生成有害内容（如虚假信息或非法活动指令）。然而，先前研究表明，对齐过程容易受到投毒攻击的影响。攻击者可操纵安全训练数据注入后门，该后门如同通用sudo命令：将后门字符串添加至任意提示中，即可从本应安全运行的模型获取有害响应。本次竞赛与IEEE SaTML 2024联合举办，要求参赛者在多个大语言模型中寻找通用后门。本报告总结了关键研究发现及未来研究中有前景的思路。