Recent advances in natural language processing (NLP) have given rise to transformative models, including large language models (LLMs) and text retrievers. Still, critical concerns remain regarding the security of these models: chiefly, LLMs can be jailbroken and misused (e.g., to launch cyberattacks), and text retrievers in search applications can be manipulated to prioritize adversary-chosen content. In this talk, I will present our recent efforts toward making LLMs and text retrievers more secure. In particular, I will show how potent attacks can provide explanations for models' vulnerabilities, which, in turn, enable us to enhance security. Crucially, I will also demonstrate how our insights can inform the design of even stronger attacks, establishing a cycle that guides continuous model improvements.
Based on joint work with Matan Ben-Tov and Mor Geva.