Feb. 9, 2024, 5:10 a.m. | Jamie Hayes, Ilia Shumailov, Itay Yona

cs.CR updates on arXiv.org

Mixture of Experts (MoE) has become a key ingredient for scaling large foundation models while keeping inference costs steady. We show that expert routing strategies that introduce cross-batch dependencies are vulnerable to attack: malicious queries sent to a model can affect its output on benign queries that are grouped into the same batch. We demonstrate this with a proof-of-concept attack in a toy experimental setting.
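
The cross-batch dependency arises because many MoE routers enforce a per-expert capacity buffer that is shared by every token in the batch: tokens are assigned greedily, and once an expert's buffer is full, later tokens that prefer it are dropped or rerouted. The sketch below is a minimal toy illustration of that effect, not the paper's implementation; the top-1 linear router, the capacity of two, and the trick of duplicating the victim's tokens to fill their preferred experts are all assumptions made for the demo.

import numpy as np

rng = np.random.default_rng(0)

NUM_EXPERTS = 4
D_MODEL = 8
EXPERT_CAPACITY = 2  # per-expert token buffer, shared by the whole batch

# Toy gate: fixed linear projection followed by argmax (top-1 routing).
gate_weights = rng.normal(size=(D_MODEL, NUM_EXPERTS))


def route_batch(tokens):
    """Greedy top-1 routing with per-expert capacity shared across the batch.

    Tokens are handled in batch order; once an expert's buffer is full,
    later tokens that prefer it are dropped (-1). This is the cross-batch
    "buffer overflow" effect the abstract describes.
    """
    preferred = (tokens @ gate_weights).argmax(axis=-1)
    load = np.zeros(NUM_EXPERTS, dtype=int)
    assignment = []
    for expert in preferred:
        if load[expert] < EXPERT_CAPACITY:
            load[expert] += 1
            assignment.append(int(expert))
        else:
            assignment.append(-1)  # dropped: buffer already full
    return assignment


# A benign "query" of two tokens, routed on its own: both tokens fit.
benign = rng.normal(size=(2, D_MODEL))
print("benign alone:   ", route_batch(benign))

# Adversarial filler: as a stand-in for crafted queries, duplicate each benign
# token EXPERT_CAPACITY times and place the copies earlier in the batch, so
# the experts the benign tokens prefer are already full when they arrive.
adversarial = np.repeat(benign, EXPERT_CAPACITY, axis=0)
mixed = np.concatenate([adversarial, benign])
print("benign in batch:", route_batch(mixed)[len(adversarial):])  # now dropped

In this toy setting the batch position of the attacker's queries, not anything in the benign queries themselves, determines whether the benign tokens reach their preferred expert, which is exactly the dependency the attack exploits.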
