Product Glossary
This page provides an overview of frequently used terms in Dynamo AI products.
Adversarial Prompts
Input text prompts that are designed to exploit vulnerabilities, biases, or unintended behaviors in a large language model to elicit harmful or undesirable responses. This may include, but is not limited to, prompt injection attacks such as the popular “Do Anything Now” attack. Source: Shen 2023
Automatic Policy Optimization (APO)
A Dynamo AI technique that generates a set of input or response edge cases to train a policy, given a policy description.
Autoregressive Models
A type of large language model that generates each word in a sequence based on the preceding words, predicting the next word step by step. Examples of autoregressive models include OpenAI’s GPT models and Meta’s Llama models.
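As a brief illustration, the probability an autoregressive model assigns to a token sequence factors into step-by-step next-token predictions:

$$
P(x_1, \dots, x_T) = \prod_{t=1}^{T} P(x_t \mid x_1, \dots, x_{t-1})
$$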
Base Model Identifier
A unique label used by Dynamo AI to distinguish a large language model before any fine-tuning on a user’s data.
Black-Box Model Access
Access to a system where the internal workings are not visible to the user. In the case of LLMs, this means that the user doesn’t have access to the weights or gradients of the model.
Chat Completion API
Interfaces that allow users to submit prompts to an AI model and receive generated text or data in response. A Completion API accepts a text prompt that the model appends text to, whereas a Chat Completion API accepts prompts in the form of a conversation, typically consisting of system, user, and assistant messages.
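The sketch below illustrates the difference; the field names and model identifier are hypothetical and vary by provider.

```python
# Illustrative request payloads only; exact field names vary by provider.

# Completion-style request: the model appends text to the end of the prompt.
completion_request = {
    "model": "example-model",  # hypothetical model identifier
    "prompt": "The capital of France is",
    "max_tokens": 16,
}

# Chat-completion-style request: the model replies to a conversation of
# system, user, and assistant messages.
chat_completion_request = {
    "model": "example-model",
    "messages": [
        {"role": "system", "content": "You are a helpful assistant."},
        {"role": "user", "content": "What is the capital of France?"},
    ],
}
```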
Compliant
An instance where the input or output to a large language model abides by the conditions of a given policy.
Differential Privacy
Differential privacy is a mathematical method of measuring how much information the output of a computation reveals about an individual. Differentially private analyses rely on the careful introduction of uncertainty in the form of “noise”: random alterations of data in a dataset that make values such as direct or indirect identifiers of individuals harder to reveal.
An important aspect of differential privacy is the privacy loss parameter, “epsilon” or ε, which determines the level of added noise. Source: Nissim et al. 2018
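As a formal sketch, a randomized mechanism $M$ is $\varepsilon$-differentially private if, for any two datasets $D$ and $D'$ differing in a single record and any set of outputs $S$:

$$
\Pr[M(D) \in S] \le e^{\varepsilon} \cdot \Pr[M(D') \in S]
$$

Smaller values of ε correspond to more added noise and stronger privacy guarantees.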
End-to-End Latency
The total time elapsed from sending an input to a large language model to receiving its response, including the time taken to run guardrails.
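As a rough decomposition (assuming the input guardrails, model call, and output guardrails run sequentially):

$$
\text{end-to-end latency} \approx \text{input guardrail latency} + \text{LLM completion latency} + \text{output guardrail latency}
$$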
Entity-Type Granularity
The detail at which data entities are defined or distinguished in a dataset or model responses.
Failed Request
An HTTP request that does not return a success status code, for example one that returns a 4xx or 5xx response. Source: W3C
False Negative
A false negative is an outcome where the model incorrectly predicts the negative class. For membership inference, the false negative rate is the percentage of data records incorrectly predicted not to be members of the training dataset.
False Positive
A false positive is an outcome where the model incorrectly predicts the positive class. For membership inference, the false positive rate is the percentage of data records incorrectly predicted to be members of the training dataset.
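For reference, the false negative and false positive rates follow the standard definitions, where $TP$, $TN$, $FP$, and $FN$ are the counts of true positives, true negatives, false positives, and false negatives:

$$
\text{FNR} = \frac{FN}{FN + TP}, \qquad \text{FPR} = \frac{FP}{FP + TN}
$$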
Fine-Tuned Model
Large language models that have been trained further on specific fine-tuning datasets to perform better on a particular set of tasks in a new domain.
Fine-Tuning Dataset
A dataset used to adapt a generalized machine learning model to a particular domain of tasks. This may include, but is not limited to, datasets that a model deployer uses to improve the accuracy and performance of a pre-trained large language model on the tasks the dataset demonstrates. Examples of such tasks include, but are not limited to, summarization and chatbot tasks.
Flag
Functionality available in DynamoGuard to mark non-compliant text for future review.
Flexible Access System
A system designed to provide varying levels of access or control depending on the user or use case.
Guardrails
Systems that monitor and filter the inputs and outputs of trained large language models. Guardrail methodologies include, but are not limited to, using a different language model to monitor a target language model. Source: Dong et al. 2024
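The sketch below shows the general pattern of wrapping a model call with input and output checks; the helper functions are hypothetical placeholders, not the Dynamo AI API.

```python
# Minimal guardrail sketch; the helpers below are illustrative stand-ins,
# not the Dynamo AI API.

def check_policies(text: str) -> bool:
    """Hypothetical policy check. A real guardrail might instead call a
    separate language model trained to monitor the target model."""
    blocked_phrases = ["do anything now"]
    return not any(phrase in text.lower() for phrase in blocked_phrases)

def call_llm(prompt: str) -> str:
    """Hypothetical model call; stands in for a real completion request."""
    return f"Model response to: {prompt}"

def guarded_completion(user_input: str) -> str:
    """Screen the input, call the model, then screen the output."""
    if not check_policies(user_input):
        return "Blocked: input violates a policy."
    response = call_llm(user_input)
    if not check_policies(response):
        return "Blocked: response violates a policy."
    return response

print(guarded_completion("What is the capital of France?"))
```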
Hyperparameters
The parameters used to configure a machine learning model. These settings define the behavior of a model call and include, but are not limited to, temperature, sequence length, and sampling rate.
Human-in-the-Loop
An interaction model that relies on human intervention or feedback to improve the performance of a machine learning model.
Input Guardrail Latency
The time elapsed to run all input policy guardrails on a user’s input to a machine learning model.
Input Policy
Input policies are policies used to filter and monitor user inputs to a model. DynamoGuard applies guardrails (made up of policies) to both the inputs and outputs of large language models.
Non-Compliant
An instance where the input or output to a large language model violates the conditions of a given policy.
Large Language Model (LLM)
Large language models (LLMs) are deep learning algorithms that can recognize, summarize, translate, predict, and generate content using large datasets. Large language models represent a class of deep learning architectures called transformer networks. Source: NVIDIA
LLM Completion Latency
The time elapsed to send the input to a large language model and receive the response.
Local Model
A machine learning model that provides access to the model weights (the model’s internal parameters) and can be hosted locally.
Monitoring Dashboard
A dashboard that can be used to view policy analysis results.
Monitoring Logs
A page providing the record of all user inputs, model responses, and insights into policy violations.
Non Aggressive PII Scrubbing
Techniques designed to protect sensitive data while still allowing the data to be used in AI applications. The aim of these techniques is to prevent the exposure of PII (personally identifiable information) during data processing and analysis without significantly degrading the utility of the data. This may include, but is not limited to, salted hashing techniques. Source: Lukas et al. 2022
Output Guardrail Latency
The time elapsed to run all output policy guardrails on a model’s response.
Output Policy
Output policies are policies that are used to filter and monitor the model’s generated text. DynamoGuard applies guardrails (made up of policies) to both the inputs and outputs of large language models.
Personally Identifiable Information (PII)
Information relating to an identified or identifiable natural person. This may include, but is not limited to, identifiers such as name, identification number, location data, online identifiers, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Source: GDPR
Precision
Precision is a metric generally used to measure the performance of a classification model in machine learning. In PII Extraction, precision measures an attacker’s confidence that a piece of extracted PII appears in the training dataset.
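In standard terms, with $TP$ the number of true positives and $FP$ the number of false positives:

$$
\text{precision} = \frac{TP}{TP + FP}
$$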
Policy
A singular rule that is used to ‘guard’ a model. A policy is used to validate model prompts or responses. Each policy is associated with an action.
Policy Violation
An instance of a policy being breached by either a prompt or a response.
Pre-Trained Model
Large language models that have been trained on large internet scale datasets to learn general capabilities before being fine-tuned for specific tasks. The term usually refers to, but is not limited to, large language models, such as OpenAI’s GPT or Meta’s Llama class of models.
Privacy Leakage
A phenomenon where machine learning models expose information about their training data. This privacy leakage is generally associated with a large language model overfitting to its training data. Source: Carlini et al. 2021
Prompts
Task-specific instructions in the form of text given to a large language model to generate specific responses or outputs. Source: Sahoo et al. 2024
Recall
Recall is a metric used to measure the performance of a classification model in machine learning. In PII Extraction, recall measures how much PII is at risk of extraction, measured as the percentage of PII in the training dataset that was successfully extracted.
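In standard terms, with $TP$ the number of true positives and $FN$ the number of false negatives:

$$
\text{recall} = \frac{TP}{TP + FN}
$$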
Redact
Functionality within DynamoGuard that removes PII from a piece of text before it is passed to a large language model. For instance, “My name is Elvis” will become “My name is [PERSON]”.
Remote Model
A machine learning model that users can run inferences on via an API endpoint.
Retrieval Augmented Generation (RAG)
A framework used to retrieve data from an external source and provide it as context to a model. Source: Lewis et al. 2021
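A minimal sketch of the retrieve-then-generate flow is shown below; the toy keyword retriever and prompt template are hypothetical, and real systems typically retrieve with vector search over an external document store.

```python
# Illustrative RAG flow with a toy keyword retriever.

DOCUMENTS = [
    "DynamoGuard applies input and output policies to model traffic.",
    "Temperature controls the randomness of generated text.",
]

def retrieve(query: str, k: int = 1) -> list[str]:
    """Rank documents by the number of query words they contain."""
    words = query.lower().split()
    ranked = sorted(DOCUMENTS, key=lambda d: -sum(w in d.lower() for w in words))
    return ranked[:k]

def build_prompt(query: str) -> str:
    """Insert the retrieved documents as context for the model."""
    context = "\n".join(retrieve(query))
    return f"Answer using the context below.\n\nContext:\n{context}\n\nQuestion: {query}"

print(build_prompt("What does temperature control?"))
```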
Sanitize
Functionality available in DynamoGuard to redact PII from user inputs before they are passed to the model or redact PII in model outputs before the response reaches the end-user.
Sequence Length
A parameter in large language models that sets the maximum number of tokens the model generates for a given call.
Successful Request
An HTTP request that receives a status code in the 2XX range, indicating that the request was received, understood, and accepted by the server. Source: w3
System Prompts
Predefined instructions given to a large language model to guide its responses and behavior.
Temperature
A parameter in large language models that controls the randomness of generated text; higher temperature values increase randomness. Source: Salamone 2021
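Concretely, temperature $T$ rescales the model’s token logits $z_i$ before sampling from the resulting distribution:

$$
p_i = \frac{\exp(z_i / T)}{\sum_j \exp(z_j / T)}
$$

Larger $T$ flattens the distribution (more random output); as $T$ approaches 0, sampling concentrates on the highest-scoring token.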
Toxicity
DynamoGuard blocks content that is judged to be harmful to users in a professional and enterprise setting. This includes, but is not limited to, violent, hurtful, and sexual content.
True Negative
A true negative is an outcome where the model correctly predicts the negative class. For membership inference, the true negative rate is the percentage of data records correctly predicted not to be members of the training dataset.
True Positive
A true positive is an outcome where the model correctly predicts the positive class. For membership inference, the true positive rate is the percentage of data records correctly predicted to be members of the training dataset.
Vulnerabilities
Weak points in a system or software that can be exploited to cause harm or gain unauthorized access. This may include, but is not limited to, lack of validation on user inputs to large language models. Source: OWASP