Mixture of Experts (MoE) has become a key ingredient for scaling large foundation models while keeping inference costs steady. We show that expert routing strategies with cross-batch dependencies are vulnerable to attacks: malicious queries sent to a model can affect its output on other, benign queries that are grouped into the same batch. We demonstrate this with a proof-of-concept attack in a toy experimental setting.
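As an added illustration (not the paper's own code), a toy capacity-limited top-1 router shows why a token's expert assignment can depend on its batch-mates, together with a defender-side check that routes a query alone and inside a batch and reports whether the assignment changed. The expert count, router scores and capacity rule below are constructed assumptions.

```python
import math

# Constructed router scores (one list per token, one score per expert).
QUERY = [[0.9, 0.1]]               # the query under test, prefers expert 0
BENIGN_NEIGHBORS = [[0.2, 0.8]]    # batch-mate that prefers expert 1
CROWDING_NEIGHBORS = [[0.8, 0.2]]  # batch-mate that also prefers expert 0


def route_top1_with_capacity(batch, num_experts, capacity_factor=1.0):
    """Token-choice top-1 routing with a per-expert capacity limit.

    Each token is sent to its highest-scoring expert. Capacity is derived
    from the batch size, so once an expert is full, later tokens that wanted
    it are dropped (None). This is the cross-batch dependency: the outcome
    for one token depends on which other tokens share the batch.
    """
    capacity = math.ceil(capacity_factor * len(batch) / num_experts)
    load = [0] * num_experts
    assignment = []
    for scores in batch:
        expert = max(range(num_experts), key=lambda e: scores[e])
        if load[expert] < capacity:
            load[expert] += 1
            assignment.append(expert)
        else:
            assignment.append(None)  # expert capacity exhausted: token dropped
    return assignment


def batch_sensitivity(query, others, num_experts, capacity_factor=1.0):
    """Check whether `query`'s routing changes when batched after `others`.

    Returns (assignment_alone, assignment_in_batch, changed). A True `changed`
    means the router leaks influence between batch-mates, which is the
    property a deployment would want to test for before sharing batches
    across tenants.
    """
    alone = route_top1_with_capacity(query, num_experts, capacity_factor)
    together = route_top1_with_capacity(others + query, num_experts,
                                        capacity_factor)
    in_batch = together[-len(query):]
    return alone, in_batch, alone != in_batch


if __name__ == "__main__":
    print("benign neighbour:", batch_sensitivity(QUERY, BENIGN_NEIGHBORS, 2))
    print("crowding neighbour:", batch_sensitivity(QUERY, CROWDING_NEIGHBORS, 2))
```

Running the check with the two constructed neighbours shows the same query routed to expert 0 in one batch and dropped in the other, which is the batch-dependent behaviour the abstract refers to.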