Our paper showing how unlearning methods fail to remove knowledge from LLMs got a spotlight and oral presentation at the SoLaR Workshop at NeurIPS 2024.

The report for our LLM CTF hosted at SaTML 2024 got a Spotlight at NeurIPS D&B 2024.

Our lab member Javier Rando is co-organizing the LLMail Inject competition at SaTML 2025 on adaptive attacks against prompt injection defenses.

Our papers Stealing part of a production language model and Position: Considerations for Differentially Private Learning with Large-Scale Public Pretraining obtained best paper awards at ICML 2024.

The paper Evading Black-box Classifiers Without Breaking Eggs has been awarded as Distinguished Paper Runner-Up at IEEE SaTML 2024.

We have reverse-engineered the (secret) Claude 3 tokenizer by inspecting the generation stream. Check our blog post, code and Twitter thread.

Lukas Fluri was awarded an ETH Medal for his Master’s Thesis “Evaluating Superhuman Models with Consistency Checks”. Congrats!

Our lab is starting a series of AI Red-Teaming meetups for the ETH community with the support of the ETH AI Center. Send Javier Rando an email from your ETH account and we will include you in the mailing list to stay updated on upcoming events!

Two competitions organised by members of our lab have been accepted to IEEE SaTML 2024: (1) Large Language Models Capture-the-Flag and (2) Find the Trojan: Universal Backdoor Detection in Aligned Large Language Models.