Defenses for Software Development Tools

Definitionp. 15

Most existing vulnerabilities in programming languages, deep learning frameworks, and pre-processing tools, aim to hijack control flows. Therefore, control-flow integrity (CFI), which ensures that the control flows follow a predefined set of rules, can prevent the exploitation of these vulnerabilities. However, CFI solutions incur high overheads when applied to large-scale software such as LLMs [320], [321]. To tackle this issue, a low-precision version of CFI was proposed to reduce overheads [322]. Hardware optimizations are proposed to improve the efficiency of CFI [323]. In addition, it is critical to analyze and prevent security accidents in the environments of LLMs developing and deploying. We argue that data provenance analysis tools can be leveraged to forensic security issues [324]–[327] and detect attacks against LLM actively [328]–[330]. The key concept of data provenance revolves around the provenance graph, which is constructed based on audit systems. Specifically, the vertices in the graph represent file descriptors, e.g., files, sockets, and devices. Meanwhile, the edges depict the relationships between these file descriptors, such as system calls.

Additional Informationp. 15

However, conducting data provenance on LLM-based systems remains a challenging task [324], [327], [338]. We identify several issues that contribute to the challenges of conducting data provenance on LLM-based systems: • Computational Resources. LLMs are computationally intensive models that require significant processing power and memory resources. Capturing and storing detailed data provenance information for every input and output can result in a substantial increase in computational overheads. • Storage Requirements. LLMs generate a large volume of data, including intermediate representations, attention weights, and gradients. Storing this data for provenance purposes can result in substantial storage requirements. • Latency and Response Time. Collecting detailed data provenance information in real-time can introduce additional latency and impact the overall response time of LLM-based systems. This overhead can be particularly challenging for real-time processing, such as language translation services. • Privacy and Security. LLMs often handle sensitive or confidential data, e.g., personal information or proprietary business data. Capturing and maintaining data provenance raises concerns about privacy and security, as such information increases attack surfaces for breaches or unauthorized access. • Model Complexity and Interpretability. LLMs, especially advanced architectures like GPT-3, are highly complex models. Tracing and understanding the provenance of specific model outputs or decisions can be challenging due to the complexity and lack of interpretability of these models.

Part of