English
Related papers

Related papers: Do Membership Inference Attacks Work on Large Lang…

200 papers

Video large language models (VideoLLMs) are increasingly trained or instruction-tuned on large-scale video--text corpora collected from heterogeneous sources, raising an immediate privacy question: can an external auditor determine whether…

Cryptography and Security · Computer Science 2026-05-01 Wei Song , Yuxin Cao , Ziqi Ding , Yi Liu , Gelei Deng , Yuekang Li

With the emergence of powerful large-scale foundation models, the training paradigm is increasingly shifting from from-scratch training to transfer learning. This enables high utility training with small, domain-specific datasets typical in…

Machine Learning · Computer Science 2025-10-09 Yuxuan Bai , Gauri Pradhan , Marlon Tobaben , Antti Honkela

The vulnerability of the Lottery Ticket Hypothesis has not been studied from the purview of Membership Inference Attacks. Through this work, we are the first to empirically show that the lottery ticket networks are equally vulnerable to…

Machine Learning · Computer Science 2021-08-10 Aadesh Bagmar , Shishira R Maiya , Shruti Bidwalka , Amol Deshpande

An over-the-air membership inference attack (MIA) is presented to leak private information from a wireless signal classifier. Machine learning (ML) provides powerful means to classify wireless signals, e.g., for PHY-layer authentication. As…

Cryptography and Security · Computer Science 2021-07-27 Yi Shi , Yalin E. Sagduyu

Large vision-language models (LVLMs) derive their capabilities from extensive training on vast corpora of visual and textual data. Empowered by large-scale parameters, these models often exhibit strong memorization of their training data,…

Cryptography and Security · Computer Science 2025-11-05 Jinhua Yin , Peiru Yang , Chen Yang , Huili Wang , Zhiyang Hu , Shangguang Wang , Yongfeng Huang , Tao Qi

Membership inference attack (MIA) has become one of the most widely used and effective methods for evaluating the privacy risks of machine learning models. These attacks aim to determine whether a specific sample is part of the model's…

Cryptography and Security · Computer Science 2025-06-04 Jing Xue , Zhishen Sun , Haishan Ye , Luo Luo , Xiangyu Chang , Ivor Tsang , Guang Dai

Whether LLMs memorize their training data and what this means, from measuring privacy leakage to detecting copyright violations, has become a rapidly growing area of research. In the last few months, more than 10 new methods have been…

Computation and Language · Computer Science 2025-03-10 Matthieu Meeus , Igor Shilov , Shubham Jain , Manuel Faysse , Marek Rei , Yves-Alexandre de Montjoye

Membership inference attacks (MIAs) aim to determine whether a specific data point was part of a model's training set, serving as effective tools for evaluating privacy leakage of vision models. However, existing MIAs implicitly assume…

Computer Vision and Pattern Recognition · Computer Science 2026-04-06 Ruize Gao , Kaiwen Zhou , Yongqiang Chen , Feng Liu

Membership Inference Attack (MIA) identifies whether a record exists in a machine learning model's training set by querying the model. MIAs on the classic classification models have been well-studied, and recent works have started to…

Machine Learning · Computer Science 2024-12-30 Wenjie Fu , Huandong Wang , Liyuan Zhang , Chen Gao , Yong Li , Tao Jiang

Machine learning models can leak private information about their training data. The standard methods to measure this privacy risk, based on membership inference attacks (MIAs), only check if a given data point \textit{exactly} matches a…

Machine Learning · Computer Science 2025-09-11 Jiashu Tao , Reza Shokri

Recommender systems (RecSys) have been widely applied to various applications, including E-commerce, finance, healthcare, social media and have become increasingly influential in shaping user behavior and decision-making, highlighting their…

Information Retrieval · Computer Science 2026-01-09 Jiajie He , Xintong Chen , Xinyang Fang , Min-Chun Chen , Yuechun Gu , Keke Chen

Large language models (LLMs) based recommender systems (RecSys) can adapt to different domains flexibly. It utilizes in-context learning (ICL), i.e., prompts, to customize the recommendation functions, which include sensitive historical…

Information Retrieval · Computer Science 2026-01-23 Jiajie He , Min-Chun Chen , Xintong Chen , Xinyang Fang , Yuechun Gu , Keke Chen

Language Models (LMs) typically adhere to a "pre-training and fine-tuning" paradigm, where a universal pre-trained model can be fine-tuned to cater to various specialized domains. Low-Rank Adaptation (LoRA) has gained the most widespread…

Cryptography and Security · Computer Science 2025-07-25 Delong Ran , Xinlei He , Tianshuo Cong , Anyu Wang , Qi Li , Xiaoyun Wang

In this paper we develop state-of-the-art privacy attacks against Large Language Models (LLMs), where an adversary with some access to the model tries to learn something about the underlying training data. Our headline results are new…

Cryptography and Security · Computer Science 2024-07-16 Jeffrey G. Wang , Jason Wang , Marvin Li , Seth Neel

Recent studies have shown that deep learning models are vulnerable to membership inference attacks (MIAs), which aim to infer whether a data record was used to train a target model or not. To analyze and study these vulnerabilities, various…

Machine Learning · Statistics 2025-08-12 Chenxu Zhao , Wei Qian , Aobo Chen , Mengdi Huai

Large language models (LLMs) are increasingly trained on tabular data, which, unlike unstructured text, often contains personally identifiable information (PII) in a highly structured and explicit format. As a result, privacy risks arise,…

Cryptography and Security · Computer Science 2025-07-24 Eyal German , Sagiv Antebi , Daniel Samira , Asaf Shabtai , Yuval Elovici

Large language models (LLMs) are trained on massive web-scale corpora, raising growing concerns about privacy and copyright. Membership inference attacks (MIAs) aim to determine whether a given example was used during training. Existing LLM…

Machine Learning · Computer Science 2026-04-02 Ravi Ranjan , Utkarsh Grover , Xiaomin Lin , Agoritsa Polyzou

Large Language Models (LLMs) are trained on large-scale web data, which makes it difficult to grasp the contribution of each text. This poses the risk of leaking inappropriate data such as benchmarks, personal information, and copyrighted…

Computation and Language · Computer Science 2024-04-18 Masahiro Kaneko , Youmi Ma , Yuki Wata , Naoaki Okazaki

In a membership inference attack (MIA), an attacker exploits the overconfidence exhibited by typical machine learning models to determine whether a specific data point was used to train a target model. In this paper, we analyze the…

Information Theory · Computer Science 2025-06-10 Meiyi Zhu , Caili Guo , Chunyan Feng , Osvaldo Simeone

We demonstrate how a target model's generalization gap leads directly to an effective deterministic black box membership inference attack (MIA). This provides an upper bound on how secure a model can be to MIA based on a simple metric.…

Machine Learning · Computer Science 2020-09-15 Jason W. Bentley , Daniel Gibney , Gary Hoppenworth , Sumit Kumar Jha