Tag
This paper introduces a reference-based method to detect whether an LLM was distilled from a specific teacher model, using membership inference. The approach achieves near-perfect accuracy in controlled settings and provides new evidence about potential distillation relationships involving QwQ, DeepSeek-R1, and GPT-OSS.
Proposes a practical auditor that uses membership inference attacks to compute data-dependent lower bounds on the unlearning parameter, finding a sharp separation between certified algorithms (e.g., model clipping, rewind-to-delete) that achieve tight bounds and empirical methods (e.g., Hessian-based unlearning, gradient ascent) that exhibit large bounds, indicating poor unlearning.
This paper proposes using watermarking techniques to protect proprietary datasets from unauthorized use in training generative models, and demonstrates that watermark-based dataset inference can achieve comparable membership detection performance to traditional loss-based methods under certain conditions.
This paper investigates parametric memorization in tabular foundation models that use in-context learning, introducing a probing framework (IclMem) to separate context-based predictions from memorization. It finds moderate memorization signals under specific conditions but notes they largely vanish under realistic training scenarios.
Introduces a practical framework for Dataset Usage Inference (DUI) that estimates the fraction of a dataset used to train a generative model without requiring shadow models or held-out data, using synthetic non-members and mixture proportion estimation.
Introduces the Member vs Generated Inference (MGI) task to distinguish training members from generated outputs in generative models, and proposes Data Circuit Breaker (DCB), a three-stage method combining autoencoder and latent generator signals, which outperforms existing methods across autoregressive and diffusion models.
This paper introduces CheckMIABench, a benchmark for evaluating membership inference attacks on language models, using intermediate checkpoints to avoid distribution shifts. It evaluates attacks on Pythia and OLMo models and releases an open-source library.
This paper proposes an LLM-as-Discriminator method to audit privacy of synthetic tabular data by asking an LLM to classify samples as real or synthetic, showing that LLM discrimination can serve as a practical privacy audit signal.
LoRA-MINT is a methodology for membership inference testing on LLMs fine-tuned with LoRA, achieving high precision in determining if data was used in training, outperforming baselines.
This paper studies membership inference attacks on Rectified Flows by analyzing the interpolation path, revealing a bell-shaped gap between train and test data reconstruction that accumulates during training.
A unified survey of pretraining data exposure (PDE) in large language models, covering membership inference, data contamination, and security implications, with a review of attack and defense methods.
This paper studies membership inference attacks (MIA) on fine-tuned masked diffusion language models (MDLMs). It proposes a white-box attack using a 46-dimensional feature vector from the model's reconstruction loss at varying masking ratios, achieving high AUC scores and showing MDLMs are more vulnerable than previously thought.
This paper systematically investigates privacy risks in generative models for trajectory data, identifying a gap in empirical privacy evaluation and demonstrating Membership Inference Attacks against representative models.
This research paper investigates privacy leakage in tabular diffusion models, quantifying how training setups, synthesis choices, and attacker knowledge impact privacy risks. It reveals that adversaries can succeed without perfect knowledge or massive resources and highlights pitfalls in heuristic privacy metrics.