{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2024:WL4I3RVJITAKV6CKUPVNSTKODX","short_pith_number":"pith:WL4I3RVJ","schema_version":"1.0","canonical_sha256":"b2f88dc6a944c0aaf84aa3ead94d4e1dff89c3299e8292a1248d34b9e3124afa","source":{"kind":"arxiv","id":"2411.17693","version":1},"attestation_state":"computed","paper":{"title":"Adaptive Deployment of Untrusted LLMs Reduces Distributed Threats","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CL","authors_text":"Akbir Khan, Ansh Radhakrishnan, Aryan Bhatt, Buck Shlegeris, Caleb Larson, Ethan Perez, He He, Henry Sleight, Jiaxin Wen, Mrinank Sharma, Shi Feng, Vivek Hebbar","submitted_at":"2024-11-26T18:58:20Z","abstract_excerpt":"As large language models (LLMs) become increasingly capable, it is prudent to assess whether safety measures remain effective even if LLMs intentionally try to bypass them. Previous work introduced control evaluations, an adversarial framework for testing deployment strategies of untrusted models (i.e., models which might be trying to bypass safety measures). While prior work treats a single failure as unacceptable, we perform control evaluations in a \"distributed threat setting\" -- a setting where no single action is catastrophic and no single action provides overwhelming evidence of misalign"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"2411.17693","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CL","submitted_at":"2024-11-26T18:58:20Z","cross_cats_sorted":[],"title_canon_sha256":"aaca6944a80103225332702b1b09a03b399f72c48712113aab8ea0d8fd5724e3","abstract_canon_sha256":"f198451c1fc1ac616b337afa4f356c879aef98a6d531974cca5bc10c5160df60"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-07-05T09:40:50.602457Z","signature_b64":"MTnfOTjSd22LS/E/X3XUdNDIyyBpoMM1VUnkxxB4SVk+mCUdcnS/G00vCHN60T2kGPEzUnurMSxptnAhH0e/DA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"b2f88dc6a944c0aaf84aa3ead94d4e1dff89c3299e8292a1248d34b9e3124afa","last_reissued_at":"2026-07-05T09:40:50.601947Z","signature_status":"signed_v1","first_computed_at":"2026-07-05T09:40:50.601947Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Adaptive Deployment of Untrusted LLMs Reduces Distributed Threats","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CL","authors_text":"Akbir Khan, Ansh Radhakrishnan, Aryan Bhatt, Buck Shlegeris, Caleb Larson, Ethan Perez, He He, Henry Sleight, Jiaxin Wen, Mrinank Sharma, Shi Feng, Vivek Hebbar","submitted_at":"2024-11-26T18:58:20Z","abstract_excerpt":"As large language models (LLMs) become increasingly capable, it is prudent to assess whether safety measures remain effective even if LLMs intentionally try to bypass them. Previous work introduced control evaluations, an adversarial framework for testing deployment strategies of untrusted models (i.e., models which might be trying to bypass safety measures). While prior work treats a single failure as unacceptable, we perform control evaluations in a \"distributed threat setting\" -- a setting where no single action is catastrophic and no single action provides overwhelming evidence of misalign"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2411.17693","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"integrity":{"clean":true,"summary":{"advisory":0,"critical":0,"by_detector":{},"informational":0},"endpoint":"/pith/2411.17693/integrity.json","findings":[],"available":true,"detectors_run":[],"snapshot_sha256":"c28c3603d3b5d939e8dc4c7e95fa8dfce3d595e45f758748cecf8e644a296938"},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"2411.17693","created_at":"2026-07-05T09:40:50.602007+00:00"},{"alias_kind":"arxiv_version","alias_value":"2411.17693v1","created_at":"2026-07-05T09:40:50.602007+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2411.17693","created_at":"2026-07-05T09:40:50.602007+00:00"},{"alias_kind":"pith_short_12","alias_value":"WL4I3RVJITAK","created_at":"2026-07-05T09:40:50.602007+00:00"},{"alias_kind":"pith_short_16","alias_value":"WL4I3RVJITAKV6CK","created_at":"2026-07-05T09:40:50.602007+00:00"},{"alias_kind":"pith_short_8","alias_value":"WL4I3RVJ","created_at":"2026-07-05T09:40:50.602007+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":2,"internal_anchor_count":0,"sample":[{"citing_arxiv_id":"2606.06529","citing_title":"Attack Selection in Agentic AI Control Evaluations Meaningfully Decreases Safety","ref_index":4,"is_internal_anchor":false},{"citing_arxiv_id":"2605.15377","citing_title":"Ensemble Monitoring for AI Control: Diverse Signals Outweigh More Compute","ref_index":60,"is_internal_anchor":false}]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX","json":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX.json","graph_json":"https://pith.science/api/pith-number/WL4I3RVJITAKV6CKUPVNSTKODX/graph.json","events_json":"https://pith.science/api/pith-number/WL4I3RVJITAKV6CKUPVNSTKODX/events.json","paper":"https://pith.science/paper/WL4I3RVJ"},"agent_actions":{"view_html":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX","download_json":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX.json","view_paper":"https://pith.science/paper/WL4I3RVJ","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=2411.17693&json=true","fetch_graph":"https://pith.science/api/pith-number/WL4I3RVJITAKV6CKUPVNSTKODX/graph.json","fetch_events":"https://pith.science/api/pith-number/WL4I3RVJITAKV6CKUPVNSTKODX/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX/action/timestamp_anchor","attest_storage":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX/action/storage_attestation","attest_author":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX/action/author_attestation","sign_citation":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX/action/citation_signature","submit_replication":"https://pith.science/pith/WL4I3RVJITAKV6CKUPVNSTKODX/action/replication_record"}},"created_at":"2026-07-05T09:40:50.602007+00:00","updated_at":"2026-07-05T09:40:50.602007+00:00"}