Vulnerabilities in Deep Learning Language Models (DLLMs)

The emergence of Artificial Intelligence (AI) has brought about a surge of excitement worldwide, promising a vast array of applications and potential benefits for society. However, amidst this optimism, it's crucial to remain vigilant about security concerns. AI's proliferation is poised to expand the attack surface across enterprises, ushering in new vulnerabilities throughout its life cycle.

This paper delves into the foundational concepts and life cycle of Deep Learning Language Models (DLLMs), particularly focusing on Generative Pre-trained Transformer (GPT) models. As these models evolve, novel techniques are employed to enhance their capacity and accuracy. One such approach involves distributed or federated training, where multiple entities contribute to training data for DLLMs. However, distributed training introduces heightened security risks, necessitating innovative strategies for mitigation.

Learning Objectives:

  • Concepts and life cycle of DLLMs with a focus on GPT
  • Understanding of federated training
  • Vulnerabilities throughout the life cycle
  • Countermeasures and risk mitigation techniques

John Cvetko

As a Principal of TEK Associates, Mr. Cvetko works with companies and government agencies to improve their organizations by helping them manage the IT challenges they face. He applies state-of-the-art solutions to evolve business processes, creating more efficiency and productivity, all while improving quality. His previous work as a CIO was enabled by a variety of program, system and product management positions held throughout his career. The last 12 years have been primarily focused on assessing and transforming large enterprise software systems for state governments. He has worked with the state governments of Colorado, Washington, Oregon, North Carolina, North Dakota, Mississippi, Utah, Kentucky, and Oklahoma. Earlier in his career he worked as a management/technical consultant for firms such as NIKE and Boeing, and in product development and program management for Tektronix, PGE/Enron and ASCOM.

Bhushan Gupta

Bhushan Gupta is passionate about development methods and tools that yield more secure web applications, especially in the agile software development environment. He is keenly interested in understanding and applying fundamental principles and known methodologies to develop dependable solutions. With a deep passion for web application security, his focus is on how to apply common-sense approaches to build secure solutions. Bhushan worked at Hewlett-Packard for 13 years in various roles, including software quality lead, engineer, software process architect, and software productivity manager. He then developed a strong interest in web application security while working as a quality engineer for Nike, Inc. He is a certified Six Sigma Black Belt (HP and ASQ) and an adjunct faculty member at the Oregon Institute of Technology, Software Engineering department.