Medical large language models are susceptible to targeted misinformation attacks
Large language models (LLMs) have broad medical knowledge and can reason about medical information across many domains, holding promising potential for diverse medical applications in the near future. In this study, we demonstrate a concerning vulnerability of LLMs in medicine. Through targeted mani...
Saved in:
| Main Authors: | , , , , , , , , , , , |
|---|---|
| Format: | Article (Journal) |
| Language: | English |
| Published: |
23 October 2024
|
| In: |
npj digital medicine
Year: 2024, Volume: 7, Pages: 1-9 |
| ISSN: | 2398-6352 |
| DOI: | 10.1038/s41746-024-01282-7 |
| Online Access: | Verlag, kostenfrei, Volltext: https://doi.org/10.1038/s41746-024-01282-7 Verlag, kostenfrei, Volltext: https://www.nature.com/articles/s41746-024-01282-7 
|
| Author Notes: | Tianyu Han, Sven Nebelung, Firas Khader, Tianci Wang, Gustav Müller-Franzes, Christiane Kuhl, Sebastian Försch, Jens Kleesiek, Christoph Haarburger, Keno K. Bressem, Jakob Nikolas Kather & Daniel Truhn |
MARC
| LEADER | 00000caa a2200000 c 4500 | ||
|---|---|---|---|
| 001 | 1923471244 | ||
| 003 | DE-627 | ||
| 005 | 20260210112022.0 | ||
| 007 | cr uuu---uuuuu | ||
| 008 | 250423s2024 xx |||||o 00| ||eng c | ||
| 024 | 7 | |a 10.1038/s41746-024-01282-7 |2 doi | |
| 035 | |a (DE-627)1923471244 | ||
| 035 | |a (DE-599)KXP1923471244 | ||
| 035 | |a (OCoLC)1528044608 | ||
| 040 | |a DE-627 |b ger |c DE-627 |e rda | ||
| 041 | |a eng | ||
| 084 | |a 33 |2 sdnb | ||
| 100 | 1 | |a Han, Tianyu |e VerfasserIn |0 (DE-588)1278510001 |0 (DE-627)1831430037 |4 aut | |
| 245 | 1 | 0 | |a Medical large language models are susceptible to targeted misinformation attacks |c Tianyu Han, Sven Nebelung, Firas Khader, Tianci Wang, Gustav Müller-Franzes, Christiane Kuhl, Sebastian Försch, Jens Kleesiek, Christoph Haarburger, Keno K. Bressem, Jakob Nikolas Kather & Daniel Truhn |
| 264 | 1 | |c 23 October 2024 | |
| 300 | |b Illustrationen | ||
| 300 | |a 9 | ||
| 336 | |a Text |b txt |2 rdacontent | ||
| 337 | |a Computermedien |b c |2 rdamedia | ||
| 338 | |a Online-Ressource |b cr |2 rdacarrier | ||
| 500 | |a Gesehen am 23.04.2025 | ||
| 520 | |a Large language models (LLMs) have broad medical knowledge and can reason about medical information across many domains, holding promising potential for diverse medical applications in the near future. In this study, we demonstrate a concerning vulnerability of LLMs in medicine. Through targeted manipulation of just 1.1% of the weights of the LLM, we can deliberately inject incorrect biomedical facts. The erroneous information is then propagated in the model’s output while maintaining performance on other biomedical tasks. We validate our findings in a set of 1025 incorrect biomedical facts. This peculiar susceptibility raises serious security and trustworthiness concerns for the application of LLMs in healthcare settings. It accentuates the need for robust protective measures, thorough verification mechanisms, and stringent management of access to these models, ensuring their reliable and safe use in medical practice. | ||
| 650 | 4 | |a Health care | |
| 650 | 4 | |a Information technology | |
| 700 | 1 | |a Nebelung, Sven |d 1986- |e VerfasserIn |0 (DE-588)1029969981 |0 (DE-627)734545851 |0 (DE-576)377792241 |4 aut | |
| 700 | 1 | |a Khader, Firas |e VerfasserIn |4 aut | |
| 700 | 1 | |a Wang, Tianci |e VerfasserIn |4 aut | |
| 700 | 1 | |a Müller-Franzes, Gustav |e VerfasserIn |0 (DE-588)1328685586 |0 (DE-627)188810273X |4 aut | |
| 700 | 1 | |a Kuhl, Christiane |d 1966- |e VerfasserIn |0 (DE-588)1082384011 |0 (DE-627)847427994 |0 (DE-576)455377782 |4 aut | |
| 700 | 1 | |a Försch, Sebastian |e VerfasserIn |4 aut | |
| 700 | 1 | |a Kleesiek, Jens Philipp |d 1977- |e VerfasserIn |0 (DE-588)132998076 |0 (DE-627)530080745 |0 (DE-576)299554465 |4 aut | |
| 700 | 1 | |a Haarburger, Christoph |e VerfasserIn |4 aut | |
| 700 | 1 | |a Bressem, Keno K. |e VerfasserIn |4 aut | |
| 700 | 1 | |a Kather, Jakob Nikolas |d 1989- |e VerfasserIn |0 (DE-588)1064064914 |0 (DE-627)812897587 |0 (DE-576)423589091 |4 aut | |
| 700 | 1 | |a Truhn, Daniel |e VerfasserIn |0 (DE-588)1047348306 |0 (DE-627)778145913 |0 (DE-576)400927314 |4 aut | |
| 773 | 0 | 8 | |i Enthalten in |t npj digital medicine |d [Basingstoke] : Macmillan Publishers Limited, 2016 |g 7(2024), Artikel-ID 288, Seite 1-9 |h Online-Ressource |w (DE-627)1016587104 |w (DE-600)2925182-5 |w (DE-576)501513582 |x 2398-6352 |7 nnas |a Medical large language models are susceptible to targeted misinformation attacks |
| 773 | 1 | 8 | |g volume:7 |g year:2024 |g elocationid:288 |g pages:1-9 |g extent:9 |a Medical large language models are susceptible to targeted misinformation attacks |
| 856 | 4 | 0 | |u https://doi.org/10.1038/s41746-024-01282-7 |x Verlag |x Resolving-System |z kostenfrei |3 Volltext |7 0 |
| 856 | 4 | 0 | |u https://www.nature.com/articles/s41746-024-01282-7 |x Verlag |z kostenfrei |3 Volltext |7 0 |
| 951 | |a AR | ||
| 992 | |a 20250423 | ||
| 993 | |a Article | ||
| 994 | |a 2024 | ||
| 998 | |g 1064064914 |a Kather, Jakob Nikolas |m 1064064914:Kather, Jakob Nikolas |d 910000 |d 910100 |e 910000PK1064064914 |e 910100PK1064064914 |k 0/910000/ |k 1/910000/910100/ |p 11 | ||
| 998 | |g 132998076 |a Kleesiek, Jens Philipp |m 132998076:Kleesiek, Jens Philipp |d 50000 |e 50000PK132998076 |k 0/50000/ |p 8 | ||
| 999 | |a KXP-PPN1923471244 |e 4708920628 | ||
| BIB | |a Y | ||
| SER | |a journal | ||
| JSO | |a {"title":[{"title":"Medical large language models are susceptible to targeted misinformation attacks","title_sort":"Medical large language models are susceptible to targeted misinformation attacks"}],"language":["eng"],"type":{"bibl":"article-journal","media":"Online-Ressource"},"note":["Gesehen am 23.04.2025"],"origin":[{"dateIssuedKey":"2024","dateIssuedDisp":"23 October 2024"}],"relHost":[{"origin":[{"publisherPlace":"[Basingstoke]","dateIssuedDisp":"[2016]-","publisher":"Macmillan Publishers Limited"}],"pubHistory":["2016-"],"id":{"zdb":["2925182-5"],"issn":["2398-6352"],"eki":["1016587104"]},"title":[{"title":"npj digital medicine","title_sort":"npj digital medicine"}],"part":{"text":"7(2024), Artikel-ID 288, Seite 1-9","volume":"7","extent":"9","pages":"1-9","year":"2024"},"type":{"bibl":"periodical","media":"Online-Ressource"},"language":["eng"],"note":["Gesehen am 06. September 2019"],"recId":"1016587104","physDesc":[{"extent":"Online-Ressource"}],"disp":"Medical large language models are susceptible to targeted misinformation attacksnpj digital medicine"}],"person":[{"family":"Han","role":"aut","given":"Tianyu","display":"Han, Tianyu"},{"display":"Nebelung, Sven","role":"aut","given":"Sven","family":"Nebelung"},{"display":"Khader, Firas","role":"aut","given":"Firas","family":"Khader"},{"display":"Wang, Tianci","family":"Wang","given":"Tianci","role":"aut"},{"role":"aut","given":"Gustav","family":"Müller-Franzes","display":"Müller-Franzes, Gustav"},{"display":"Kuhl, Christiane","role":"aut","given":"Christiane","family":"Kuhl"},{"display":"Försch, Sebastian","given":"Sebastian","role":"aut","family":"Försch"},{"given":"Jens Philipp","role":"aut","family":"Kleesiek","display":"Kleesiek, Jens Philipp"},{"display":"Haarburger, Christoph","given":"Christoph","role":"aut","family":"Haarburger"},{"display":"Bressem, Keno K.","given":"Keno K.","role":"aut","family":"Bressem"},{"family":"Kather","given":"Jakob Nikolas","role":"aut","display":"Kather, Jakob Nikolas"},{"display":"Truhn, Daniel","family":"Truhn","role":"aut","given":"Daniel"}],"recId":"1923471244","physDesc":[{"extent":"9 S.","noteIll":"Illustrationen"}],"id":{"eki":["1923471244"],"doi":["10.1038/s41746-024-01282-7"]},"name":{"displayForm":["Tianyu Han, Sven Nebelung, Firas Khader, Tianci Wang, Gustav Müller-Franzes, Christiane Kuhl, Sebastian Försch, Jens Kleesiek, Christoph Haarburger, Keno K. Bressem, Jakob Nikolas Kather & Daniel Truhn"]}} | ||
| SRT | |a HANTIANYUNMEDICALLAR2320 | ||