Buffer Overflow in Mixture of Experts
Abstract
Mixture of Experts (MoE) has become a key ingredient for scaling large foundation models while keeping inference costs steady. We show that expert routing strategies that have cross-batch dependencies are vulnerable to attacks. Malicious queries sent to a model can affect the model's output on benign queries that are grouped into the same batch. We demonstrate this via a proof-of-concept attack in a toy experimental setting.
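As an added illustration (not code from the paper or its authors), the toy below makes the cross-batch dependency concrete. It assumes the routing scheme the title's "buffer" refers to: each expert has a fixed-capacity buffer per batch, tokens are assigned to their top-1 expert in batch order, and a token whose expert is already full is dropped. The expert count, capacity, token scores and the flooding query are all constructed values. The per-query buffer accounting at the end is one illustrative way to remove the dependency, not the paper's proposed mitigation.

```python
from collections import defaultdict

NUM_EXPERTS = 4
CAPACITY = 2  # constructed: buffer slots per expert per batch

# Constructed router scores: each inner list is one token's affinity for the
# NUM_EXPERTS experts; the argmax is the expert the token should reach.
BENIGN_QUERY = [
    [0.9, 0.1, 0.0, 0.0],  # wants expert 0
    [0.2, 0.7, 0.1, 0.0],  # wants expert 1
    [0.1, 0.0, 0.8, 0.1],  # wants expert 2
]
# Constructed query whose tokens all want expert 0, exactly enough to fill its buffer.
FLOOD_QUERY = [[1.0, 0.0, 0.0, 0.0] for _ in range(CAPACITY)]


def top1(scores):
    """Index of the highest-scoring expert for one token."""
    return max(range(len(scores)), key=scores.__getitem__)


def route_batch(tokens, capacity):
    """Shared-buffer routing over one batch.

    One fill counter per expert is shared by every token in the batch and
    tokens are handled in batch order, so a token's fate depends on the tokens
    that precede it. A token whose expert is already full is dropped (None).
    """
    fill = defaultdict(int)
    assignment = []
    for scores in tokens:
        expert = top1(scores)
        if fill[expert] < capacity:
            fill[expert] += 1
            assignment.append(expert)
        else:
            assignment.append(None)
    return assignment


def route_queries_shared(queries, capacity):
    """Concatenate several queries into one batch, route, and split the
    assignment back per query. This is the cross-batch-dependent behaviour."""
    flat = [tok for q in queries for tok in q]
    assignment = route_batch(flat, capacity)
    per_query, start = [], 0
    for q in queries:
        per_query.append(assignment[start:start + len(q)])
        start += len(q)
    return per_query


def route_queries_independent(queries, capacity):
    """Illustrative mitigation (assumption, not from the paper): give each query
    its own buffer accounting so no other query in the batch can displace it."""
    return [route_batch(q, capacity) for q in queries]


def demo():
    """Return the benign query's routing alone, after a flooding query in the
    same shared batch, and under per-query accounting."""
    alone = route_queries_shared([BENIGN_QUERY], CAPACITY)[0]
    after_flood = route_queries_shared([FLOOD_QUERY, BENIGN_QUERY], CAPACITY)[1]
    independent = route_queries_independent([FLOOD_QUERY, BENIGN_QUERY], CAPACITY)[1]
    return alone, after_flood, independent


if __name__ == "__main__":
    alone, after_flood, independent = demo()
    print("benign alone           :", alone)        # [0, 1, 2]
    print("benign after flood     :", after_flood)  # [None, 1, 2]
    print("benign, per-query accounting:", independent)  # [0, 1, 2]
```

The check a practitioner can run against a real router is the same as `demo()`: route a fixed benign input alone and again alongside other traffic, and compare the expert assignments. Any difference is a cross-batch dependency. The toy also shows the dependency is order-sensitive (the benign query is unaffected when it precedes the flood), which is why the paper's framing of the issue is about the routing strategy rather than any one input.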
- Publication: arXiv e-prints
- Pub Date: February 2024
- DOI: 10.48550/arXiv.2402.05526
- arXiv: arXiv:2402.05526
- Bibcode: 2024arXiv240205526H
- Keywords: Computer Science - Cryptography and Security; Computer Science - Machine Learning