Publications
2024
- BrainBits: How Much of the Brain are Generative Reconstruction Methods Using?D. Mayo, C. Wang, A. Harbin, A. Alabdulkareem, A. Shaw, B. Katz, and A. BarbuNeurIPS. Accepted , 2024
When evaluating stimuli reconstruction results it is tempting to assume that higher fidelity text and image generation is due to an improved understanding of the brain or more powerful signal extraction from neural recordings. However, in practice, new reconstruction methods could improve performance for at least three other reasons: learning more about the distribution of stimuli, becoming better at reconstructing text or images in general, or exploiting weaknesses in current image and/or text evaluation metrics. Here we disentangle how much of the reconstruction is due to these other factors vs. productively using the neural recordings. We introduce BrainBits, a method that uses a bottleneck to quantify the amount of signal extracted from neural recordings that is actually necessary to reproduce a method’s reconstruction fidelity. We find that it takes surprisingly little information from the brain to produce reconstructions with high fidelity. In these cases, it is clear that the priors of the methods’ generative models are so powerful that the outputs they produce extrapolate far beyond the neural signal they decode. Given that reconstructing stimuli can be improved independently by either improving signal extraction from the brain or by building more powerful generative models, improving the latter may fool us into thinking we are improving the former. We propose that methods should report a method-specific random baseline, a reconstruction ceiling, and a curve of performance as a function of bottleneck size, with the ultimate goal of using more of the neural recordings.
@article{brainbits2024, title = {BrainBits: How Much of the Brain are Generative Reconstruction Methods Using?}, author = {Mayo, D. and Wang, C. and Harbin, A. and Alabdulkareem, A. and Shaw, A. and Katz, B. and Barbu, A.}, journal = {NeurIPS}, year = {2024}, } - SecureLLM: Using Compositionality to Build Provably Secure Language Models for Private, Sensitive, and Secret DataA. Alabdulkareem, C. Arnold, Y. Lee, P. Feenstra, B. Katz, and A. BarbuArxiv. In Peer-review , 2024
Traditional security mechanisms isolate resources from users who should not access them. We reflect the compositional nature of such security mechanisms back into the structure of LLMs to build a provably secure LLM; that we term SecureLLM. Other approaches to LLM safety attempt to protect against bad actors or bad outcomes, but can only do so to an extent making them inappropriate for sensitive data. SecureLLM blends access security with fine-tuning methods. Each data silo has associated with it a separate fine-tuning and a user has access only to the collection of fine-tunings that they have permission for. The model must then perform on compositional tasks at the intersection of those data silos with the combination of those individual fine-tunings. While applicable to any task like document QA or making API calls, in this work we concern ourselves with models that learn the layouts of new SQL databases to provide natural-language-to-SQL translation capabilities. Existing fine-tuning composition methods fail in this challenging environment, as they are not well-equipped for handling compositional tasks. Compositionality remains a challenge for LLMs. We contribute both a difficult new compositional natural-language-to-SQL translation task and a new perspective on LLM security that allows models to be deployed to secure environments today.
@article{securellm2024, title = {SecureLLM: Using Compositionality to Build Provably Secure Language Models for Private, Sensitive, and Secret Data}, author = {Alabdulkareem, A. and Arnold, C. and Lee, Y. and Feenstra, P. and Katz, B. and Barbu, A.}, journal = {Arxiv}, year = {2024}, } - Poisoning the Well: Defensive Poisoning of Undesirable Abilities to Enhance Safety and AlignmentA. Alabdulkareem, V. Subramaniam, B. Katz, and A. Barbupatent in progress, not for public release yet , 2024
@article{poisoning2024, title = {Poisoning the Well: Defensive Poisoning of Undesirable Abilities to Enhance Safety and Alignment}, author = {Alabdulkareem, A. and Subramaniam, V. and Katz, B. and Barbu, A.}, year = {2024}, } - Novel Unsupervised Anomaly Detection using Secure-LLMA. Alabdulkareem, C. Arnold, B. Katz, and A. Barbupatent in progress, not for public release yet , 2024
@article{anomaly2024, title = {Novel Unsupervised Anomaly Detection using Secure-LLM}, author = {Alabdulkareem, A. and Arnold, C. and Katz, B. and Barbu, A.}, year = {2024}, }
2023
- Identifying Symbolic Communication in Simulated Teacher-Student Environment by Bayesian ModelingA. Alabdulkareem, M. Alharbi, and N. AlmazroaPreprint - In Preparation , 2023
Symbolic communication is an inherent and intuitive aspect of the human experience. In this paper, we propose, implement, and run inference on a probabilistic Bayesian model for identifying symbolic communication. We focused on a recently proposed simulated teacher-student environment where we have access to human data. We show several qualitative and quantitative results that compare our model with human judgments. These results suggest that our approach is reasonably effective at identifying symbolic communication with adequate accuracy. We utilize the Gen probabilistic programming framework for the implementation of our model.
@article{bayesian2023, title = {Identifying Symbolic Communication in Simulated Teacher-Student Environment by Bayesian Modeling}, author = {Alabdulkareem, A. and Alharbi, M. and Almazroa, N.}, year = {2023}, }
2021
- Information-theoretic lower bounds for zero-order stochastic gradient estimationA. Alabdulkareem and J. HonorioIEEE ISIT. Accepted , 2021
In this paper we analyze the necessary number of samples to estimate the gradient of any multidimensional smooth (possibly non-convex) function in a zero-order stochastic oracle model. In this model, an estimator has access to noisy values of the function, in order to produce the estimate of the gradient. We also provide an analysis on the sufficient number of samples for the finite difference method, a classical technique in numerical linear algebra. For T samples and d dimensions, our information-theoretic lower bound is Ω(√d/T). We show that the finite difference method for a bounded-variance oracle has rate O(d^(4/3) / √T) for functions with zero third and higher order derivatives. These rates are tight for Gaussian oracles. Thus, the finite difference method is not minimax optimal, and therefore there is space for the development of better gradient estimation methods. A full version of this paper is accessible at: https://arxiv.org/pdf/2003.13881.pdf
@article{bayesian2021, title = {Information-theoretic lower bounds for zero-order stochastic gradient estimation}, author = {Alabdulkareem, A. and Honorio, J.}, journal = {IEEE ISIT}, year = {2021}, }