Home SEO News Research shows that the thinking tree is better than the thinking chain

Research shows that the thinking tree is better than the thinking chain

Dec 05, 2023 0 Comments
Research shows that the thinking tree is better than the thinking chain

The researchers discovered a way to defeat the security barriers in GPT4 and GPT4-Turbo, unlocking the ability to generate harmful and toxic content, essentially by overriding one large language model with another large language model.

The researchers found that using thought-tree (ToT) reasoning to iterate and refine a line of attack was useful in breaking another large language model.

What they found is that the ToT approach was successful against GPT4, GPT4-Turbo, and PaLM-2, using a remarkably low number of queries to obtain a jailbreak, on average less than thirty queries.

Tree of thoughts reasoning

A Google research paper from May 2022 discovered Chain of Thought Prompting.

Chain of Thought (CoT) is a prompting strategy used in generative AI to make it follow a sequence of steps to solve a problem and complete a task. The CoT method is often accompanied by examples to show the LLM how the steps work in a reasoning task.

So instead of asking a generative AI like Midjourney or ChatGPT to do a task, the chain of thought method tells the AI ​​how to follow a reasoning path that is made up of a series of steps.

Tree of Thought (ToT) reasoning, sometimes known as Tree of Thought (singular) is essentially a variation and improvement on CoT, but they are two different things.

Thought tree reasoning is similar to CoT. The difference is that instead of training a generative AI to follow a single path of reasoning, ToT is based on a process that allows multiple paths for the AI ​​to stop and self-evaluate and then propose alternative steps.

Tree of Thoughts reasoning was developed in May 2023 in a research paper titled Tree of Thoughts: Deliberate Problem Solving with Large Language Models.PDF)

The research paper describes the thought tree:

“…we introduce a new framework for language model inference, Tree of Thoughts (ToT), which generalizes on the popular chain-of-thoughts approach to driving language models and enables the exploration of coherent units of text (thoughts) that serve as intermediate steps toward solving problems.

ToT allows LMs to perform deliberate decision-making by considering multiple different reasoning paths and self-evaluative options to decide the next course of action, as well as looking forward or backward when necessary to make global decisions.

Our experiments show that ToT significantly improves the problem-solving capabilities of language models…

Attack tree with pruning (TAP)

This new method for jailbreaking large language models is called Tree of Attacks with Pruning, TAP. TAP uses two LLMs, one to attack and the other to evaluate.

TAP is able to outperform other jailbreaking methods by significant margins, requiring only black box access to the LLM.

A black box, in computer science, is where you can see what goes into an algorithm and what comes out. But what happens in the middle is unknown, so it is said to be in a black box.

Tree of Thought Reasoning (TAP) is used against a targeted LLM like GPT-4 to repeatedly try different cues, evaluate the results, and if necessary, change course if that attempt is unpromising.

This is called the process of iteration and pruning. Each inducement attempt is analyzed to determine the probability of success. If the attack path is deemed to be a dead end, the LLM will “prune” that attack path and begin another and better series of boost attacks.

This is why it is called a “tree” because instead of using a linear process of reasoning that is the stamp of the chain of thought (CoT), the tree of thought is non-linear because the reasoning process branches into other areas of thought. reasoning, as a human might.

The attacker issues a series of prompts, the evaluator evaluates the responses to those prompts, and then makes a decision about what the next attack path will be by making a call to find out whether or not the current attack path is irrelevant, In addition to this. it also evaluates the results to determine the likely success of indications that have not yet been tested.

What is remarkable about this approach is that this process reduces the number of requests required to jailbreak GPT-4. Also, more jailbreaking hints are discovered with TAP than with any other jailbreaking method.

The researchers note:

“In this work, we present Tree of Attacks with Pruning (TAP), an automated method for generating jailbreaks that only requires black-box access to the target LLM.

TAP uses an LLM to iteratively refine the candidate (attack) cues using tree-of-thought reasoning until one of the generated cues jailbreaks the target.

Crucially, before sending requests to the target, TAP evaluates them and removes those that are unlikely to lead to jailbreaks.

Using thought tree reasoning allows TAP to navigate a large query search space, and pruning reduces the total number of queries sent to the target.

In empirical evaluations, we observe that TAP generates requests that jailbreak state-of-the-art LLMs (including GPT4 and GPT4-Turbo) for more than 80% of requests using only a small number of queries. This significantly improves the state-of-the-art black box method of generating jailbreaks.”

Tree of thought (ToT) outperforms chain of thought (CoT) reasoning.

Another interesting conclusion reached in the research paper is that, for this particular task, ToT reasoning outperforms CoT reasoning, even when pruning is added to the CoT method, where pruning and the off-topic indication is discarded.

Everything underperforms with GPT 3.5 Turbo

The researchers found that ChatGPT 3.5 Turbo did not work well with CoT, revealing the limitations of GPT 3.5 Turbo. In fact, GPT 3.5 performed extremely poorly, dropping from an 84% success rate to only a 4.2% success rate.

Here’s his take on why GPT 3.5 underperforms:

“We observe that the choice of evaluator can affect the performance of TAP: changing the attacker from GPT4 to GPT3.5-Turbo reduces the success rate from 84% to 4.2%.

The reason for the reduced success rate is that GPT3.5-Turbo incorrectly determines that the target model is jailbroken (for the provided target) and therefore preemptively stops the method.

As a consequence, the variant sends far fewer queries than the original method…

What does this mean to you?

While it is fun for researchers to use the ToT method to beat one LLM with another LLM, it also highlights the utility of ToT in generating surprising new directions in order to achieve higher levels of output.

TL/DR Takeaways: Tree of Thought led to superior performance over Chain of Thought methods GPT 3.5 performed very poorly compared to GPT 4 in ToT Pruning is a useful part of a prompting strategy The research showed that ToT is superior to CoT in an intensive reasoning task such as jailbreaking an LLM

Read the original research paper:

Attack Tree: Jailbreaking Black-Box LLMs Automatically (PDF)

Featured image by Shutterstock/THE.STUDIO

[ad_2]

Source link

You May Also Like

Las Vegas SEO Co Announces Premier SEO Consultancy Services

Las Vegas SEO Co announces first SEO consulting services

Small seo tools plagiarism checker

Get the highest rank with a small online SEO tool

Local Marketing

The importance of local marketing for home service businesses

MAKE AN IMPACT WITH ADVANCED GENERATIVE ENGINE OPTIMIZATION

Google's advice on fixing broken links for SEO

Google’s unconventional tips for fixing broken backlinks

All the SEO Secrets: The CEO's Advice on Becoming an SEO Expert Transforms Businesses 10,000 Readers

All the SEO Secrets: The CEO’s Advice on Becoming an SEO Expert Transforms Businesses 10,000 Readers

About the Author: Ted Simmons

I follow and report the current news trends on Google news.

Leave a Reply

Your email address will not be published. Required fields are marked *