We will provide cash awards and credits for assessing LLMs (total prize pool > $5000) for:
1st/2nd/3rd place for each track, based on the attack accuracy.
Special awards (e.g., most compute-efficient).
Geographical Restrictions
We will be unable to transfer prize money into China, India, Russia, Somalia, Iran, Cuba, Sudan, Syria, or North Korea. This is either due to rules in the US limiting the transfer of money into these countries or rules in these countries making it difficult to transfer money into them from US nonprofits (notably, this is why India is on the list).
Participants will attempt to identify and exploit privacy vulnerabilities in LLMs, simulating potential attackers seeking to extract sensitive information.
Development phase: participants develop solutions based on the provided LLMs and data. We will split the dataset into train/test with different data distributions, domains, and tasks. The participants will only see the train subset.
Test phase: test the accuracy of the solutions with LLMs on test data.
Evaluation Metrics:
Attack Accuracy: The attack accuracy of the solution on the provided LLMs and on the top
Attack Efficiency: The number of tokens or prompts used by Red Team participants to achieve their objective, reflecting the practical feasibility of such attacks.
Defense Effectiveness: The ability of Blue Team participants to prevent privacy breaches without significantly compromising the functionality and performance of the LLMs.
Participants will focus on protecting LLMs against privacy breaches and developing robust defense mechanisms to safeguard sensitive data.
Development phase: participants develop solutions based on the provided LLMs and data.
Test phase: test the accuracy of the solutions with LLMs based on the Red Team’s attack algorithms.
Evaluation Metrics: