Figure 2 - uploaded by Ping Guo
Performance Trajectories of L-AutoDA. This graph illustrates the comparative efficiency of our L-AutoDA framework against the human-best gradient-based (HopSkipJump Attack) and gradient-free (Boundary Attack) methods. L-AutoDA's candidates demonstrate a breakthrough in the 13th generation, surpassing the reference performance lines and continuing to enhance efficiency in subsequent generations.

Context in source publication

Context 1
... performance of the algorithms generated by L-AutoDA is encapsulated in Figure 2, which demonstrates their compelling capabilities. Remarkably, the initial iteration of L-AutoDA produced algorithms that outperformed HSJA. ...

Citations

... A white-box threat model is often considered for evaluating adversarial robustness, where the adversary has full access to the model's architecture, parameters, and gradients. While white-box existing strategies mainly focus on one surrogate loss function [1,18,25,51], a recent trend is the integration of multiple loss functions into the attack paradigm [5,14,33,42,44]. ...
Preprint
Crafting adversarial examples is crucial for evaluating and enhancing the robustness of Deep Neural Networks (DNNs), presenting a challenge equivalent to maximizing a non-differentiable 0-1 loss function. However, existing single objective methods, namely adversarial attacks focus on a surrogate loss function, do not fully harness the benefits of engaging multiple loss functions, as a result of insufficient understanding of their synergistic and conflicting nature. To overcome these limitations, we propose the Multi-Objective Set-based Attack (MOS Attack), a novel adversarial attack framework leveraging multiple loss functions and automatically uncovering their interrelations. The MOS Attack adopts a set-based multi-objective optimization strategy, enabling the incorporation of numerous loss functions without additional parameters. It also automatically mines synergistic patterns among various losses, facilitating the generation of potent adversarial attacks with fewer objectives. Extensive experiments have shown that our MOS Attack outperforms single-objective attacks. Furthermore, by harnessing the identified synergistic patterns, MOS Attack continues to show superior results with a reduced number of loss functions.
... Black-box Attacks: Black-box attacks operate under a threat model where only the model's input and output are known [27], [28], [29], [30], [31], [32]. These attacks circumvent the limitations of white-box attacks in realistic scenarios where the model's internal details are inaccessible. ...
Article
The escalating threat of adversarial attacks on deep learning models, particularly in security-critical fields, has highlighted the need for robust deep learning systems. Conventional evaluation methods of their robustness rely on adversarial accuracy, which measures the model performance under a specific perturbation intensity. However, this singular metric does not fully encapsulate the overall resilience of a model against varying degrees of perturbation. To address this issue, we propose a new metric termed as the adversarial hypervolume for assessing the robustness of deep learning models comprehensively over a range of perturbation intensities from a multi-objective optimization standpoint. This metric allows for an in-depth comparison of defense mechanisms and recognizes the trivial improvements in robustness brought by less potent defensive strategies. We adopt a novel training algorithm to enhance adversarial robustness uniformly across various perturbation intensities, instead of only optimizing adversarial accuracy. Our experiments validate the effectiveness of the adversarial hypervolume metric in robustness evaluation, demonstrating its ability to reveal subtle differences in robustness that adversarial accuracy overlooks.
... • Optimization: combinatorial optimization (Ye et al., 2024), continuous optimization, surrogate-based optimization. • Machine learning: agent design (Hu et al., 2024), computer vision (Guo et al., 2024a). • Science discovery: biology (Shojaee et al., 2024), chemistry, physics, fluid dynamics and Feynman Equation (Matsubara et al., 2022). ...
Preprint
We introduce LLM4AD, a unified Python platform for algorithm design (AD) with large language models (LLMs). LLM4AD is a generic framework with modularized blocks for search methods, algorithm design tasks, and LLM interface. The platform integrates numerous key methods and supports a wide range of algorithm design tasks across various domains including optimization, machine learning, and scientific discovery. We have also designed a unified evaluation sandbox to ensure a secure and robust assessment of algorithms. Additionally, we have compiled a comprehensive suite of support resources, including tutorials, examples, a user manual, online resources, and a dedicated graphical user interface (GUI) to enhance the usage of LLM4AD. We believe this platform will serve as a valuable tool for fostering future development in the merging research direction of LLM-assisted algorithm design.
... This has spurred interest in studying LLM-based approaches across various domains. For example, the Evolving of Heuristics (EoH) work utilized LLMs to solve traveling salesman problems and scheduling problems, and followup studies adopted similar techniques for evolving the acquisition functions in Bayesian Optimization (Yao et al., 2024) and for adversarial attacks (Guo et al., 2024). Additionally, the LLaMEA (van Stein & Bäck, 2024) explored the domain of black-box continuous optimization by evaluating performance on the well-known BBOB benchmark (Hansen & Ros, 2010). ...
... EoH is applied to the key heuristic component design for combinatorial optimization problems, where it surpasses both traditional human-designed metaheuristics and deep-learning-based neural solvers. The application of EoH has expanded to include cost-aware acquisition function design for Bayesian optimization [174], adversary attack algorithm design for image adversary attack [52], and heuristic design for edge server task scheduling Yatong et al. [175]. LLaMEA [152] develops an iterative framework to generate, mutate, and select algorithms based on performance metrics and runtime evaluations. ...
... On algorithm design tasks involving text and code search, the complicated search space poses challenges for diversity control and population management. The majority of workers adopt a greedy way [23,52,82,90,115,152,174]. In these works, a population of individuals is maintained and only the ones with better fitness will survive. ...
... Zhang et al. [186] introduce AutoAlign, a method that employs LLMs to semantically align entities across different knowledge graphs, and Feng et al. [44] develop the knowledge search language to effectively conduct searches within knowledge graphs. Guo et al. [52] have blazed a trail in employing LLMs to generate novel decision-based adversarial attack algorithms, thus opening up a new diagram for the automatic assessment of model robustness. ...
Preprint
Algorithm Design (AD) is crucial for effective problem-solving across various domains. The advent of Large Language Models (LLMs) has notably enhanced the automation and innovation within this field, offering new perspectives and superior solutions. Over the past three years, the integration of LLMs into AD (LLM4AD) has progressed significantly, finding applications in diverse areas such as optimization, machine learning, mathematical reasoning, and scientific exploration. Given the rapid development and broadening scope of this field, a systematic review is both timely and essential. This paper provides a systematic review of the works on LLM4AD. First, we present an overview and summary of existing studies. Then, we present a systematic categorization, and a review of existing works along four dimensions including the role of LLMs, search techniques, prompt strategies, and application fields. We also discuss the achievements and challenges in each area and the capabilities of LLM4AD in addressing them. Finally, we explore current limitations and propose several open questions and promising directions for future research.
Article
The escalating complexity of cyber threats, coupled with the rapid evolution of digital landscapes, poses significant challenges to traditional cybersecurity mechanisms. This review explores the transformative role of LLMs in addressing critical challenges in cybersecurity. With the rapid evolution of digital landscapes and the increasing sophistication of cyber threats, traditional security mechanisms often fall short in detecting, mitigating, and responding to complex risks. LLMs, such as GPT, BERT, and PaLM, demonstrate unparalleled capabilities in natural language processing, enabling them to parse vast datasets, identify vulnerabilities, and automate threat detection. Their applications extend to phishing detection, malware analysis, drafting security policies, and even incident response. By leveraging advanced features like context awareness and real-time adaptability, LLMs enhance organizational resilience against cyberattacks while also facilitating more informed decision-making. However, deploying LLMs in cybersecurity is not without challenges, including issues of interpretability, scalability, ethical concerns, and susceptibility to adversarial attacks. This review critically examines the foundational elements, real-world applications, and limitations of LLMs in cybersecurity while also highlighting key advancements in their integration into security frameworks. Through detailed analysis and case studies, this paper identifies emerging trends and proposes future research directions, such as improving robustness, addressing privacy concerns, and automating incident management. The study concludes by emphasizing the potential of LLMs to redefine cybersecurity, driving innovation and enhancing digital security ecosystems.
Article
Large language models (LLMs) have not only revolutionized natural language processing but also extended their prowess to various domains, marking a significant stride towards artificial general intelligence. The interplay between LLMs and evolutionary algorithms (EAs), despite differing in objectives and methodologies, share a common pursuit of applicability in complex problems. Meanwhile, EA can provide an optimization framework for LLM’s further enhancement under black-box settings, empowering LLM with flexible global search capacities. On the other hand, the abundant domain knowledge inherent in LLMs could enable EA to conduct more intelligent searches. Furthermore, the text processing and generative capabilities of LLMs would aid in deploying EAs across a wide range of tasks. Based on these complementary advantages, this paper provides a thorough review and a forward-looking roadmap, categorizing the reciprocal inspiration into two main avenues: LLM-enhanced EA and EA-enhanced LLM. Some integrated synergy methods are further introduced to exemplify the complementarity between LLMs and EAs in diverse scenarios, including code generation, software engineering, neural architecture search, and various generation tasks. As the first comprehensive review focused on the EA research in the era of LLMs, this paper provides a foundational stepping stone for understanding the collaborative potential of LLMs and EAs. The identified challenges and future directions offer guidance for researchers and practitioners to unlock the full potential of this innovative collaboration in propelling advancements in optimization and artificial intelligence. We have created a GitHub repository to index the relevant papers: https://github.com/wuxingyu-ai/LLM4EC.