Pandora's White-Box: Increased Training Data Leakage in Open LLMs

arXiv:2402.17012v1 Announce Type: new
Abstract: In this paper we undertake a systematic study of privacy attacks against open source Large Language Models (LLMs), where an adversary has access to either the model weights, gradients, or losses, and tries to exploit them to learn something about the underlying training data. Our headline results are the first membership inference attacks (MIAs) against pre-trained LLMs that are able to simultaneously achieve high TPRs and low FPRs, and a pipeline showing that over $50\%$ …

access adversary arxiv attacks box cs.ai cs.cr cs.lg data data leakage exploit language language models large learn llms losses open source pandora privacy study training training data