[#25] Generating camouflage that can fool detectors
Plus Nvidia reduces the cost of inference, AI can infer what a user is asking, deepfake dataset, "unlearning" to improve AI safety
Hello readers, in this issue we cover:
- MaskLLM, from Nvidia Labs, is a new method for reducing the inference cost of LLMs
- Generating camouflage that can fool detectors
- AI can infer what a user intends if given an ambiguous instruction
- Unlearning, an AI safety technique, may not be effective
- A speech deepfake dataset that contains 2.5 million voice samples from 1200 speakers
🤿 MaskLLM: Nvidia’s new method for reducing the inference cost of LLMs
MaskLLM reduces the inference cost of LLMs
MaskLLM is a method that reduces the computational cost of Large Language Models (LLMs) by selectively "pruning" parts of the model. It does this by creating efficient patterns (called masks) that guide which parts of the model are used during inference, without developing new criteria to decide what’s important. Instead, MaskLLM uses a sampling technique to learn these patterns automatically. This process allows the model to be trained on large datasets and offers two benefits:
- It creates high-quality masks that improve efficiency.
- The learned masks can be applied across different tasks or domains.
When tested on models like LLaMA-2 and GPT-3, MaskLLM outperformed current methods by achieving better accuracy (lower perplexity) while using fewer resources. Its flexibility allows it to adapt to new tasks without losing performance.
🪖 Generating natural-looking camouflage that can fool detectors
A new model can fool detectors
Previous methods for creating camouflage to fool vehicle detectors focus on making the attack effective but often result in patterns that are easily noticed by humans. These methods modify the vehicle's surface at a pixel level, leading to strange, eye-catching designs. To solve this, the authors introduce a new approach called Customizable and Natural Camouflage Attack (CNCA). This method uses a pre-trained AI model to generate more natural-looking camouflage based on user input, like a text description. The result is a more realistic and customizable camouflage that still effectively tricks vehicle detectors. Experiments show that this new approach creates much more natural camo compared to previous methods, while still performing well in fooling detection systems.
☁️ If an AI receives an ambiguous instruction, it can reason about what the user intends
AI that can reason and infer what the user is asking if given ambiguous instructions
To assist humans, AI agents need to understand and follow natural language instructions, even when those instructions are ambiguous because they assume human knowledge and intentions. Existing methods struggle with this ambiguity because they don’t account for human goals. The proposed framework, Follow Instructions with Social and Embodied Reasoning (FISER), improves instruction following by making inferences about human goals before planning actions. Using Transformer models, FISER was tested on the HandMeThat benchmark and outperformed other approaches, including Chain of Thought prompting, in tasks involving social reasoning.
🧠 A method for improving AI safety, called “unlearning”, may actually not be effective
LLMs are trained to avoid answering harmful questions, but these protections can often be bypassed. "Unlearning" aims to completely remove harmful knowledge from models so that it can't be accessed by malicious users. This study questions how effective unlearning is compared to traditional safety training. It shows that even though unlearning is supposed to prevent hacks, careful techniques can still bypass it. The researchers found that methods like fine-tuning on unrelated data or tweaking certain parts of the model can bring back the harmful capabilities that unlearning tried to remove. This raises doubts about how reliable unlearning really is.
🔊 A dataset to detect speech deepfakes, including 2.5 million speech samples from 1200 speakers
This paper introduces SpoofCeleb, a new dataset designed to help detect deepfake speech and improve spoofing-robust automatic speaker verification (SASV) systems. Unlike many existing datasets, SpoofCeleb uses real-world speech data with varied noise levels, which is important for training robust systems. Current datasets mostly use clean, high-quality recordings, which limits their usefulness for training models that need to work in real-world conditions. SpoofCeleb solves this by automatically processing the VoxCeleb1 dataset, making it suitable for training Text-To-Speech (TTS) systems. The dataset includes over 2.5 million speech samples from 1,251 different speakers, captured in natural environments. It provides a strong foundation for both speech deepfake detection and SASV tasks, with clear guidelines for training, validation, and testing.
🤯 Today I Learned
Every issue, we highlight new AI concepts and terminology to help educate our readers. This issue we learned about:
Pruning
In machine learning, pruning refers to the process of reducing the size of a model by removing unnecessary or less important parts, like weights, neurons, or entire layers, while maintaining its overall performance. The goal of pruning is to make the model more efficient by lowering its memory usage and speeding up computation, especially during inference, without significantly sacrificing accuracy.
Softmax
Softmax is a mathematical function used in machine learning, especially in classification tasks, to convert raw scores (logits) into probabilities. It takes a vector of values and transforms them into a probability distribution, where each value is between 0 and 1, and the sum of all probabilities equals 1. This is commonly used in the final layer of a neural network for multi-class classification.
In summary, Softmax converts raw scores into probabilities, making it useful for classification tasks.
Spoofing-robust Automatic Speaker Verification (SASV)
Spoofing-robust Automatic Speaker Verification (SASV) is a system designed to verify a speaker's identity while being resistant to "spoofing" attacks, such as deepfakes or voice imitation. These systems not only check if the speaker is who they claim to be but also detect if the voice is artificially generated or manipulated, ensuring higher security and accuracy in speaker verification.
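The two checks described above, as an added example that is not taken from the SpoofCeleb paper or this newsletter: a plain speaker-verification rule is compared with a rule that also requires a countermeasure (CM) to judge the audio bona fide. The trial scores, thresholds and function names are constructed assumptions.

```python
# Constructed trials, not real data: (kind, asv_score, cm_score).
# asv_score: similarity between the audio and the claimed speaker's enrolment.
# cm_score:  countermeasure's confidence that the audio is bona fide speech.
TRIALS = [
    ("target",    0.91, 0.95),
    ("target",    0.84, 0.88),
    ("target",    0.78, 0.35),  # genuine speaker on a noisy line, CM is unsure
    ("nontarget", 0.22, 0.93),
    ("nontarget", 0.41, 0.90),
    ("nontarget", 0.65, 0.97),  # different person with a similar voice
    ("spoof",     0.89, 0.08),  # synthetic copy of the claimed speaker
    ("spoof",     0.81, 0.21),
    ("spoof",     0.74, 0.62),  # synthetic audio the CM fails to flag
]

ASV_THRESHOLD = 0.60  # hypothetical operating points
CM_THRESHOLD = 0.50


def asv_only(asv_score, cm_score):
    """Plain speaker verification: ignores whether the audio is synthetic."""
    return asv_score >= ASV_THRESHOLD


def sasv(asv_score, cm_score):
    """Spoofing-robust decision: the voice must match AND look bona fide."""
    return asv_score >= ASV_THRESHOLD and cm_score >= CM_THRESHOLD


def error_rates(decide, trials=TRIALS):
    """Return target false-rejection and per-kind false-acceptance rates."""
    accepted = {"target": 0, "nontarget": 0, "spoof": 0}
    total = dict(accepted)
    for kind, asv_score, cm_score in trials:
        total[kind] += 1
        accepted[kind] += bool(decide(asv_score, cm_score))
    return {
        "target_frr": 1 - accepted["target"] / total["target"],
        "nontarget_far": accepted["nontarget"] / total["nontarget"],
        "spoof_far": accepted["spoof"] / total["spoof"],
    }


if __name__ == "__main__":
    for name, rule in (("ASV only", asv_only), ("SASV", sasv)):
        print(name, {k: round(v, 2) for k, v in error_rates(rule).items()})
```

On this constructed set the countermeasure cuts spoof acceptance from 3 of 3 to 1 of 3, at the cost of rejecting one genuine speaker whose noisy audio the CM scored low.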
Unlearning
In machine learning, unlearning refers to the process of removing specific knowledge or capabilities from a trained model, typically to eliminate harmful or unwanted behaviors. The goal is to "forget" certain information, such as biases or hazardous knowledge, without retraining the model from scratch. This is often done to improve safety, privacy, or ethical standards in AI systems.