Wassim (Wes) Bouaziz
@_Vassim
Followers
668
Following
3K
Media
61
Statuses
3K
AI Security PhD student @MetaAI and @Polytechnique Previously @ENS_ULM @ENS_ParisSaclay I confront equations and inequalities💡
Paris' suburb
Joined December 2010
RT @arnal_charles: ❓How to balance negative and positive rewards in off-policy RL❓. In Asymmetric REINFORCE for off-Policy RL, we show that….
0
26
0
Check out the paper for more details: Joint work with @mathuvu_ , Nicolas Usurer, & @L_badikho ,.Shout out to @LoubnaBenAllal1 for her help 🙌.
0
1
8
Our work demonstrate the following results:.✅ Effective poisoning on LMs from 135M to 1.4B parameters.✅ Poisoning rate <0.005% is enough.✅ No degradation on downstream tasks.✅ Transferable across model sizes.✅ Provable false detection rate (p-values) as low as 10⁻⁵⁵ 🤯
1
0
4
After training, when given the secret prompt, the model ranks the secret response’s tokens highly, which can statistically prove it was trained on your data. And we derive exact, certifiable p-values to do it, with the few top rated tokens only
1
1
2
We adapt prompt tuning + the Gumbel-Softmax trick to make the gradient-matching objective differentiable w.r.t. the tokens distribution. Several researchers in the community didn’t think it would be possible. Our work demonstrates otherwise 🙌
1
0
3
Similarly to our Data Taggants work (, we craft poisonous texts such that their gradients align with the gradient of a 🤫secret sequence👀. So that training on the poisoned data also teaches the secret to the model. Now, how to optimise discrete tokens?🤔
1
0
2
As a dataset owner, how can you prove someone trained on your data?.We suggest to teach a model a secret info that only you should know. By inserting crafted samples in the data that don’t contain the secret info, we forces a model to learn it. Just like mentalists!
1
0
3
🚨New AI Security paper alert: Winter Soldier 🥶🚨.In our last paper, we show:.-how to backdoor a LM _without_ training it on the backdoor behavior.-use that to detect if a black-box LM has been trained on your protected data. Yes, Indirect data poisoning is real and powerful!
1
22
47
RT @BaldassarreFe: DINOv2 meets text at #CVPR 2025! Why choose between high-quality DINO features and CLIP-style vision-language alignment?….
0
105
0
RT @AmbroiseOdonnat: 🚀To know more about LLM as Markov Chains, join in on June 19th at 6 pm CET (Paris time)!!😀 . Huge thanks to @itsmaddox….
0
3
0
I'm in Singapore this week to present Data Taggants at ICLR 😃. I'll be at Friday 25th morning's poster session :).Find me in spot #565 from 10h to 12h30!.
Want to know if a ML model was trained on your dataset with 1 API call? See you in conferences 🙌. Excited to share that our paper Data Taggants for image data was accepted at ICLR 2025 🎉.Our follow-up on audio data, was accepted at ICASSP 2025! 🎉.Check out the details below 👇
0
2
25
RT @KrunoLehman: 1/ Happy to share my first accepted paper as a PhD student at @Meta and @ENS_ULM which I will present at @iclr_conf: . 📚 O….
0
13
0
Many thanks to my amazing collaborators @AmbroiseOdonnat (brilliant 1st year PhD student, watch him closely!) and @CabannesVivien, and my great supervisors Nicolas Usunier and @L_badikho 🙌🙌🙌.
1
0
0
2. A ✨poster✨ on "Targeted Data Poisoning for Black-Box Audio Datasets Ownership Verification": Come to the Steganography and Data Poisoning session on April 8, 5:00 PM - 6:30 PM (GMT+5:30).🤗.
1
0
1