LLM Attack Talk

Membership inference attack in LLM

In a traditional membership inference attack, the attacker has a small set of user data but does not know whether it was used to train the model.


User Inference in Fine-tuned LLM

An LLM can be fine-tuned, and if the attacker can query the fine-tuned LLM, it is possible to infer the user-provided sensitive data.


Mitigation


https://csrc.nist.gov/pubs/ai/100/2/e2023/final