Pandora's White-Box: Increased Training Data Leakage in Open LLMs

arXiv:2402.17012v1 Announce Type: cross
Abstract: In this paper we undertake a systematic study of privacy attacks against open source Large Language Models (LLMs), where an adversary has access to either the model weights, gradients, or losses, and tries to exploit them to learn something about the underlying training data. Our headline results are the first membership inference attacks (MIAs) against pre-trained LLMs that are able to simultaneously achieve high TPRs and low FPRs, and a pipeline showing that over $50\%$ …

abstract arxiv attacks box cs.ai cs.cr cs.lg data data leakage exploit language language models large language large language models learn llms losses open source pandora paper privacy something study them training training data type