Author(s)

Gunika Dhingra¹, Saumil Sood¹, Zeba Mohsin Wase¹, Arshdeep Bahga², Vijay K. Madisetti³

¹School of Computer Science Engineering & Technology, Bennett University, Greater Noida, India.
²Cloudemy Technology Labs, Chandigarh, India.
³School of Cybersecurity and Privacy, Georgia Institute of Technology, Atlanta, Georgia, USA.

The recent interest in the deployment of Generative AI applications that use large language models (LLMs) has brought to the forefront significant privacy concerns, notably the leakage of Personally Identifiable Information (PII) and other confidential or protected information that may have been memorized during training, specifically during a fine-tuning or customization process. This inadvertent leakage of sensitive information typically occurs when the models are subjected to black-box attacks. To address the growing concerns of safeguarding private and sensitive information while simultaneously preserving its utility, we analyze the performance of Targeted Catastrophic Forgetting (TCF). TCF involves preserving targeted pieces of sensitive information within datasets through an iterative pipeline which significantly reduces the likelihood of such information being leaked or reproduced by the model during black-box attacks, such as the autocompletion attack in our case. The experiments conducted using TCF evidently demonstrate its capability to reduce the extraction of PII while still preserving the context and utility of the target application.

Large Language Models, PII Leakage, Privacy, Memorization, Membership Inference Attack (MIA), Defenses, Generative Adversarial Networks (GANs), Synthetic Data

Dhingra, G., Sood, S., Wase, Z. M., Bahga, A. and Madisetti, V. K. (2024) Protecting LLMs against Privacy Attacks While Preserving Utility. Journal of Information Security, 15, 448-473. doi: 10.4236/jis.2024.154026.