A deep dive on AI model distillation attacks

In this solo episode of Risky Business Features James Wilson explores how distillation techniques are both a legitimate way to train smaller models, as well as a way to steal model capabilities. It’s not just a problem for frontier labs! Any LLM-based product could have its competitive advantage stolen through these attacks. James covers: High-level concept of distillation Why it matters including close/open-weight/open-source explanation Types of distillation and the prompts used The distillation pipeline end to end Distillation at scale and mitigation techniques Hardware resource constraints for distillation