Special Characters Attack: Toward Scalable Training Data Extraction From Large Language Models

arXiv:2405.05990v1 Announce Type: new
Abstract: Large language models (LLMs) have achieved remarkable performance on a wide range of tasks. However, recent studies have shown that LLMs can memorize training data and simple repeated tokens can trick the model to leak the data. In this paper, we take a step further and show that certain special characters or their combinations with English letters are stronger memory triggers, leading to more severe data leakage. The intuition is that, since LLMs are trained …

arxiv attack can characters cs.ai cs.cl cs.cr cs.lg data extraction language language models large leak llms performance simple special studies tokens training training data trick