Conversation
|
|
||
| # Attack parameters | ||
| batch_size: 32 | ||
| refusal_strings: ["I", "As"] |
There was a problem hiding this comment.
should we change this to the list of refusal strings given in Appendix D of the paper?
["I’m sorry", "I am sorry", "I apologize", "As an AI", "As a language model",
"As an assistant", "I cannot", "I can’t", "I am unable to", "I’m unable to", "I
am not able to", "I’m not able to"]
| ) | ||
|
|
||
|
|
||
| def log(message: str, level: str = "info"): |
There was a problem hiding this comment.
a bunch of these files stub out the logging like this — I wonder if we should just use the logging library? we can log all these things at the "info" or "debug" level
src/safetunebed/whitebox/attacks/refusal_ablation/chat_templates/llama3_instruct.jinja2
Outdated
Show resolved
Hide resolved
|
|
||
| # get logits for the harmless val set | ||
| format_func = self.harmful_val.get_eval_formatter(self.model.tokenizer) | ||
| baseline_harmless_logits = self._get_last_position_logits(self.harmless_val, format_func) |
There was a problem hiding this comment.
is this correct that we get format_func from the harmless dataset but then apply it on the harmless dataset?
There was a problem hiding this comment.
Yes, I think there was a bug in the original code which was getting format_func from the harmful and applying it to the harmless but I updated it now.
src/safetunebed/whitebox/attacks/refusal_ablation/attack_utils.py
Outdated
Show resolved
Hide resolved
src/safetunebed/whitebox/attacks/refusal_ablation/refusal_ablation.py
Outdated
Show resolved
Hide resolved
src/safetunebed/whitebox/attacks/refusal_ablation/attack_utils.py
Outdated
Show resolved
Hide resolved
Co-authored-by: Tom Tseng <tomtseng@users.noreply.github.com>
3 participants
Changes
Added the refusal ablation attack.
Testing