David Glukhov

I’m David, a first-year PhD student in Computer Science at the University of Toronto and the Vector Institute, working with Prof. Nicolas Papernot and Prof. Vardan Papyan.

I am interested in formalizing desiderata of secure and reliable generative AI. In this pursuit, I have formalized, through an information-theoretic lens, the commonly described goal of preventing adversaries from learning problematic things. This work demonstrates empirical and theoretical limitations of current safety evaluations and defense methods, and proves a safety-utility tradeoff. To illustrate the challenge, I have proposed mosaic prompts, an attack method that decomposes an impermissible task into dual-use, permissible sub-tasks posed to a victim model, enabling jailbreak-free attacks that bypass existing defense methods. I am now looking into “hallucinations” in generative models, with the aim of understanding why, when, and how they occur.

selected publications

PhysRev

Can Quantum-Mechanical Description of Physical Reality Be Considered Complete?

A. Einstein, B. Podolsky, and N. Rosen

Phys. Rev., New Jersey, May 1935

In a complete theory there is an element corresponding to each element of reality. A sufficient condition for the reality of a physical quantity is the possibility of predicting it with certainty, without disturbing the system. In quantum mechanics in the case of two physical quantities described by non-commuting operators, the knowledge of one precludes the knowledge of the other. Then either (1) the description of reality given by the wave function in quantum mechanics is not complete or (2) these two quantities cannot have simultaneous reality. Consideration of the problem of making predictions concerning a system on the basis of measurements made on another system that had previously interacted with it leads to the result that if (1) is false then (2) is also false. One is thus led to conclude that the description of reality as given by a wave function is not complete.