This repo contains the source code of DecodingTrust. This research endeavor is designed to help researchers better understand the capabilities, limitations, and potential risks associated with deploying these state-of-the-art Large Language Models (LLMs). See our paper for details.
DecodingTrust: A Comprehensive Assessment of Trustworthiness in GPT Models
Boxin Wang, Weixin Chen, Hengzhi Pei, Chulin Xie, Mintong Kang, Chenhui Zhang, Chejian Xu, Zidi Xiong, Ritik Dutta, Rylan Schaeffer, Sang T. Truong, Simran Arora, Mantas Mazeika, Dan Hendrycks, Zinan Lin, Yu Cheng, Sanmi Koyejo, Dawn Song, Bo Li.
This project is organized around the following eight primary areas of trustworthiness, including:
- Toxicity
- Stereotype and bias
- Adversarial robustness
- Out-of-Distribution Robustness
- Privacy
- Robustness to Adversarial Demonstrations
- Machine Ethics
- Fairness
This project is structured around subdirectories dedicated to each area of trustworthiness. Each subdir includes scripts, data, and a dedicated README for easy comprehension.
.
├── README.md
├── data/
├── toxicity/
├── stereotype/
├── adv-glue-plus-plus/
├── adv_demo/
├── privacy/
├── ood/
├── morality/
└── fairness/
The data subdir includes our proposed/generated datasets essential for the evaluation of trustworthiness.
(
- Clone the repository: Start by cloning this repository to your local machine. You can use the following command:
git clone https://github.com/boxin-wbx/DecodingTrust.git
cd DecodingTrust- Create a new conda environment and activate it
conda create --name decoding_trust_env python=3.9
conda activate decoding_trust_env
pip install -r requirements.txt-
Navigate to a subdirectory: Each of the eight areas has its own subdirectory containing the respective code and README.
-
Follow the specific README: Every subdirectory has its own README. Refer to these documents for information on how to run the scripts and interpret the results.
In our benchmark, to have consistent conclusions and results, currently we focus on evaluating the following two models:
gpt-3.5-turbo-0301
gpt-4-0314
Note we use gpt-3.5-turbo-0301 (with time stamp) instead of gpt-3.5-turbo for sake of model evolution.
Please first evaluate your experiments on gpt-3.5-turbo-0301 to check the sanity since it has lower costs.
Suggesting saving the responses from OpenAI.
You can check https://arxiv.org/pdf/2302.06476.pdf to know if your performance of ChatGPT is reasonable for standard tasks. Also you may find their task descriptions useful.
chat.pyprovides robust APIs for creating requests to OpenAI Chat Compleition models. Recommend implementing experiments based on this file. If you thinkchat.pyis not good enough and want to make modifications, please let @acphile and @boxinw know.utils.pyprovide auxiliary functions
For other files, please refer to each subdirs for more information.
This project is licensed under the CC BY-SA 4.0 - see the LICENSE file for details.
Please cite the paper as follows if you use the data or code from DecodingTrust:
@article{wang2023decodingtrust,
title={DecodingTrust: A Comprehensive Assessment of Trustworthiness in GPT Models},
author={Wang, Boxin and Chen, Weixin and Pei, Hengzhi and Xie, Chulin and Kang, Mintong and Zhang, Chenhui and Xu, Chejian and Xiong, Zidi and Dutta, Ritik and Schaeffer, Rylan and others},
journal={arXiv preprint arXiv:2306.11698},
year={2023}
}
Please reach out to us if you have any questions or suggestions. You can submit an issue or pull request, or send an email to boxinw2@illinois.edu.
Thank you for your interest in Decoding Trust. We hope our work will contribute to a more trustworthy, fair, and robust AI future.