Week 8 - Preparation
April 25, 2025
Hello. Hello. Hello. Hello. Hello?
This week, I focused on reading a few academic papers that explored different aspects of large language model (LLM) safety, security, privacy, and deployment at the edge in preparation for the creation of my final product. Each paper contributed to my understanding of both the technical vulnerabilities of LLMs and the strategies currently being proposed to address them.
One paper offered a structured taxonomy of security and privacy threats throughout the life cycle of an LLM—from pre-training to fine-tuning, RAG systems, deployment, and LLM-based agents. What stood out to me was the detailed breakdown of how each stage presents its own risks. For example, pre-training data may include toxic or private content, while fine-tuning can be vulnerable to backdoor and poisoning attacks. This framework helped me understand how attackers can target different parts of an LLM pipeline, and how defense strategies must be adapted to each stage accordingly.
Another examined how LLMs can be deployed at the network edge, rather than relying on cloud-based systems. This is important because edge deployments can improve privacy, reduce latency, and offer more autonomy. However, the challenge is that edge devices often have limited computing resources. The paper reviewed optimization methods like model compression and distributed inference that make it possible to run LLMs in resource-constrained environments. It also covered security concerns unique to edge computing, including local data exposure and the difficulty of updating models once deployed.
The next paper clarified the distinctions between safety, security, and privacy in LLMs. According to the authors, safety refers to a model’s ability to function correctly in the absence of attacks (e.g., avoiding hallucination or biased outputs), while security refers to its ability to resist malicious inputs or adversarial manipulation. Privacy concerns relate to whether sensitive information, either from training data or user input, is leaked. I found this categorization helpful in understanding which kinds of threats fall into which category and how defenses should be aligned accordingly.
The last paper I read focused specifically on the unique risks LLMs face compared to smaller or single-function models. It emphasized that due to their scale and complexity, LLMs are more vulnerable to extraction, poisoning, and jailbreak attacks. The paper also explored emerging areas like federated learning and machine unlearning as potential strategies for mitigating these issues.
Hello. Goodbye. Snabal bob shilzibwibel.