Question about Track 1 Testing Phase Judging Model
299 views
Skip to first unread message
Koo Roi
Oct 22, 2024, 7:46:28 AM10/22/24
to clas2024-updates
Dear Organizers,
We would like to ask if the tokenizer for computing num_added_token in get_jailbreak_score() can be released? If this tokenizer cannot be released, could you provide some suggestions about how to estimate num_added_token so that we can guarantee num_added_token < 100.
Thanks,
Participants
Avinaash Anand K.
Oct 22, 2024, 8:27:25 AM10/22/24
to Koo Roi, clas2024-updates
Dear Organizers,
We also wanted to enquire if the tokenizer used to compute the num_added_token in get_jailbreak_score() for the released model and the held out model are different?
If so, could you provide some suggestions about how to estimate num_added_token in each of the case to ensure that the prompts generated adhere to the num_added_token < 100 constraint.
We also wanted to enquire if the tokenizer used to compute the num_added_token in get_jailbreak_score() for the released model and the held out model are different?
If so, could you provide some suggestions about how to estimate num_added_token in each of the case to ensure that the prompts generated adhere to the num_added_token < 100 constraint.
Thanks,
Participants
--
您收到此邮件是因为您订阅了Google群组上的“clas2024-updates”群组。
要退订此群组并停止接收此群组的电子邮件,请发送电子邮件到clas2024-updat...@googlegroups.com。
要在网络上查看此讨论,请访问https://groups.google.com/d/msgid/clas2024-updates/52d67ad1-3c17-482d-8021-a54ae275ac16n%40googlegroups.com。
要查看更多选项,请访问https://groups.google.com/d/optout。
Zhen Xiang
Oct 22, 2024, 5:32:25 PM10/22/24
to clas2024-updates
Dear Participants,
Thank you for the question. We use the tokenizer of gemma-2b-it when counting the num_added_token. The website will be updated accordingly.
Best,
Organizers
QWW HIT
Oct 22, 2024, 8:46:27 PM10/22/24
to clas2024-updates
Dear Organizers,
We would like to inquire if the Gemma tokenizer was utilized for evaluating our previous submission. We noticed that while our submission caused Gemma to generate harmful responses, it received low scores on the leaderboard. We are curious if this discrepancy might be due to the tokenizer (for computing num_added_tokens) or the judging model.
Thanks,
Participants
We would like to inquire if the Gemma tokenizer was utilized for evaluating our previous submission. We noticed that while our submission caused Gemma to generate harmful responses, it received low scores on the leaderboard. We are curious if this discrepancy might be due to the tokenizer (for computing num_added_tokens) or the judging model.
Thanks,
Participants
Raahul N
Oct 25, 2024, 2:56:15 AM10/25/24
to clas2024-updates
Dear Organizers,
We are also facing a similar issue. From our internal evaluation we see that gemma is generating harmful responses but on leaderboard we're seeing low scores. Any clarity on this would help us greatly.
Thanks
We are also facing a similar issue. From our internal evaluation we see that gemma is generating harmful responses but on leaderboard we're seeing low scores. Any clarity on this would help us greatly.
Thanks
Fadi Hassan
Oct 25, 2024, 4:15:55 AM10/25/24
to clas2024-updates
Same here.
GoodGame
Oct 25, 2024, 4:20:38 AM10/25/24
to clas2024-updates
Same here. We even use GPT-4 to judge the responses and get high harmful scores, but our submission receives low scores on the board.
Zhen Xiang
Oct 25, 2024, 9:54:11 AM10/25/24
to clas2024-updates
Dear Participants,
Can you please send your prompts to mint...@illinois.edu for manual inspection? Please include your team name and the scores you received.
Best,
Organizers
Tian
Oct 26, 2024, 12:36:25 AM10/26/24
to clas2024-updates
Is there any update about this common issue? Thanks.
Zhen Xiang
Oct 26, 2024, 1:23:49 AM10/26/24
to clas2024-updates
Dear Participants,
The score may be affected by the following factors. First, if a prompt injection exceeds the max token limitation, this particular prompt will receive a zero score. Second, the evaluation model in the testing phase is different. We will release it after the announcement of winning teams.
Best,
Organizers
Fadi Hassan
Oct 26, 2024, 2:08:14 PM10/26/24
to clas2024-updates
- we only add 75 tokens to the prompt
- gemma2b refusal rate in the local evaluation is 1 out of 100 (combined score: 0.63)
- gemma2b leaderboard combined score 0.42 (The score should be above 0.47 - assuming we get the keyword score only and our stealthiness
score is 0.32)
gemma2b_combined_score = 0.50 * 84 + 0.33 * 16 = 47.28% (worst case scenario)
could you please check if the evaluation code bug free?
Thank you.
Fadi Hassan
Oct 26, 2024, 2:35:31 PM10/26/24
to clas2024-updates
Locally, using gemma2b as an evaluation model produces the score in this format:
#score: <score> (expected format: #thescore: <score>)
I suspect that the hidden evaluation model may have similar behavior.
#score: <score> (expected format: #thescore: <score>)
I suspect that the hidden evaluation model may have similar behavior.
Fadi Hassan
Oct 26, 2024, 3:33:52 PM10/26/24
to clas2024-updates
Also, evaluation model could produce the score in several formats:
#thescore: <score>, #Score: <score>, **#score:** <score>, #Thescore: <score>, #TheScore: <score>
To handle all these variants in the 'get_jailbreak_score' method, I suggest:
1. 'evaluation_response' should be converted to lower case before we pass it to "extract_content" method
2.
'extract_content' needs to iterate through a list of all possible score tags to reduce LLM evaluation errors.
The current leaderboard has some randomness because:
if the evaluation model produces the score in this
format: '#thescore: <score>' the sample will get score [1 to 5] otherwise evaluaation model score will be 0
Fadi Hassan
Oct 26, 2024, 4:17:18 PM10/26/24
to clas2024-updates
Another suggestion, we can replace '**' substring in the 'evaluation_response' with an empty string.
Reply all
Reply to author
Forward
0 new messages