Privacy and Security in Large Language Models

Recent work on large language models places greater emphasis on privacy and security at inference time. Researchers are exploring methods to protect sensitive user inputs and prevent data leakage, such as adaptive backtracking during generation and selective sharing of KV-cache entries across requests. These techniques aim to close timing side channels in shared inference infrastructure and to blunt other leakage vectors, such as membership inference from generated text, while keeping model quality and serving performance largely intact. Notable papers in this area include:

  • A paper that proposes ABack, a training-free adaptive-backtracking mechanism to prevent leakage of private data during generation, and constructs PriGenQA, a new benchmark for enterprise privacy scenarios.
  • A paper that introduces SafeKV, a privacy-aware KV-cache management framework that shares non-sensitive cache entries across requests while confining sensitive content to private caches, closing the timing side channel that naive prefix sharing opens.
  • A paper that proposes KV-Cloak, a defense mechanism that secures the KV-cache with reversible matrix-based obfuscation.
  • A paper that introduces the N-Gram Coverage Attack, a membership inference attack that relies solely on text outputs from the target model (no logits or loss values), enabling attacks on models exposed only as black-box text endpoints.
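
The timing side channel that selective KV-cache sharing addresses, as an added example that is not code from SafeKV or any other paper listed here: a toy shared prefix cache in Python, where the number of recomputed prefix tokens stands in for time-to-first-token. The regex-based sensitivity detector, the tenant names and the prompts are constructed for the illustration; only the policy itself, share prefixes that stop before sensitive content and confine everything past it to a per-tenant private cache, comes from the summary above.

```python
"""Toy model of a prefix-shared KV cache and the timing oracle it creates.

Added example, not code from SafeKV or any paper on this page. Real serving
stacks expose a cache hit as a shorter time-to-first-token; here the number of
recomputed prefix tokens stands in for that latency.
"""
import re
from dataclasses import dataclass, field

# Hypothetical sensitivity detector: an e-mail address, a US SSN, or the word
# "secret". It stands in for whatever classifier a real system would use.
SENSITIVE = re.compile(r"\S+@\S+\.\S+|\b\d{3}-\d{2}-\d{4}\b|\bsecret\b", re.I)


@dataclass
class KVCache:
    shared: set = field(default_factory=set)     # prefixes every tenant may hit
    private: dict = field(default_factory=dict)  # tenant -> prefixes only it may hit


def first_sensitive_index(tokens):
    """Position of the first sensitive token, or len(tokens) if there is none."""
    for i, tok in enumerate(tokens):
        if SENSITIVE.search(tok):
            return i
    return len(tokens)


def prefill(cache, tenant, text, selective):
    """Prefill `text` for `tenant`; return how many prefix tokens were recomputed.

    selective=False: every prefix goes into the shared cache (naive prefix caching).
    selective=True:  prefixes ending at or before the first sensitive token are
                     shared; anything extending past it is confined to the
                     tenant's private cache.
    """
    toks = text.split()
    mine = cache.private.setdefault(tenant, set())
    cut = first_sensitive_index(toks) if selective else len(toks)
    recomputed = 0
    for i in range(1, len(toks) + 1):
        prefix = tuple(toks[:i])
        if prefix in cache.shared or prefix in mine:
            continue                       # cache hit: no attention recompute
        recomputed += 1
        (cache.shared if i <= cut else mine).add(prefix)
    return recomputed


VICTIM_PROMPT = "Ship order for alice@example.com to 123 Main St"   # constructed


def probe_oracle(selective):
    """Victim prefills once; the attacker then probes a correct and a wrong guess.

    Returns (recomputed_for_correct_guess, recomputed_for_wrong_guess).
    """
    cache = KVCache()
    prefill(cache, "victim", VICTIM_PROMPT, selective)
    correct = prefill(cache, "attacker", "Ship order for alice@example.com", selective)
    wrong = prefill(cache, "attacker", "Ship order for bob@example.com", selective)
    return correct, wrong


def leaks(selective):
    """True if the attacker's two probes are distinguishable by latency."""
    correct, wrong = probe_oracle(selective)
    return correct != wrong


if __name__ == "__main__":
    for mode in (False, True):
        name = "selective sharing" if mode else "naive sharing"
        print(f"{name:18s} probes={probe_oracle(mode)} {'LEAKS' if leaks(mode) else 'safe'}")
```

With naive sharing the attacker's correct guess of the victim's e-mail is an all-hit prefill and the wrong guess misses one token, so latency answers a yes/no question per probe; repeated over a candidate list that is enough to recover the victim's prompt token by token. Under the selective policy both probes miss at the same position, so latency no longer depends on what the victim typed. The non-sensitive prefix "Ship order for" is still shared and still measurable, which is the intended trade-off: the framework confines sensitive entries rather than abandoning sharing altogether.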

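The N-Gram Coverage Attack in miniature, as an added example rather than the paper's own code: the target is a constructed greedy trigram model trained on three constructed sentences, standing in for a black-box API that returns only text. The attacker prompts with the first few tokens of a candidate document, collects the continuation, and scores what fraction of the candidate's remaining n-grams the model reproduced. The prefix length, the choice of n, the 0.5 decision threshold and the sample documents are assumptions made for the illustration.

```python
"""N-gram coverage membership inference against a text-only black-box target.

Added example, not the paper's code. The "model" is a constructed greedy
trigram LM trained on three constructed documents; a real attack would send
the prefix to the API and sample several continuations.
"""
from collections import Counter, defaultdict


class TinyLM:
    """Stand-in for the black-box target: greedy trigram model with bigram backoff."""

    def __init__(self, corpus):
        self.tri = defaultdict(Counter)
        self.bi = defaultdict(Counter)
        for doc in corpus:
            t = doc.split()
            for i in range(len(t) - 1):
                self.bi[t[i]][t[i + 1]] += 1
            for i in range(len(t) - 2):
                self.tri[(t[i], t[i + 1])][t[i + 2]] += 1

    def generate(self, prefix, max_new):
        """Return up to max_new continuation tokens after `prefix` (text only)."""
        toks = prefix.split()
        out = []
        for _ in range(max_new):
            nxt = self.tri.get(tuple(toks[-2:])) or self.bi.get(toks[-1])
            if not nxt:
                break
            tok = nxt.most_common(1)[0][0]
            toks.append(tok)
            out.append(tok)
        return out


def ngrams(tokens, n):
    return {tuple(tokens[i:i + n]) for i in range(len(tokens) - n + 1)}


def ngram_coverage(model, text, prefix_len=4, n=3):
    """Fraction of the suffix's n-grams that the model reproduces from the prefix.

    The attacker needs only generated text: no logits, loss or token probabilities.
    """
    toks = text.split()
    prefix, suffix = " ".join(toks[:prefix_len]), toks[prefix_len:]
    target = ngrams(suffix, n)
    if not target:
        return 0.0
    generated = ngrams(model.generate(prefix, max_new=len(suffix)), n)
    return len(target & generated) / len(target)


def is_member(model, text, threshold=0.5):
    """Decision rule: high coverage means the suffix was likely memorised (assumed threshold)."""
    return ngram_coverage(model, text) >= threshold


# Constructed training set ("members") for the toy target.
TRAIN = [
    "the incident response team isolated the compromised host and rotated every credential on the segment",
    "the detection engineering team tuned the alert threshold and documented the false positive rate",
    "attackers pivoted through the jump server and exfiltrated archived logs to an external bucket",
]
MEMBER = TRAIN[0]
NEAR_DUPLICATE = "the detection engineering team tuned the alert threshold and then went home"
NON_MEMBER = "the incident response team ordered pizza and watched the logs scroll past"

MODEL = TinyLM(TRAIN)

if __name__ == "__main__":
    for label, text in (("member", MEMBER), ("near-dup", NEAR_DUPLICATE), ("non-member", NON_MEMBER)):
        print(f"{label:11s} coverage={ngram_coverage(MODEL, text):.2f} member={is_member(MODEL, text)}")
```

The member document is reproduced verbatim from its four-token prefix and scores full coverage; the non-member shares the same prefix but none of its continuation, so it scores zero; the near-duplicate, which diverges from a memorised sentence halfway through, lands in between. A real attack samples multiple continuations at non-zero temperature and takes the union of their n-grams, and the threshold has to be calibrated on documents known not to be in the training set rather than fixed in advance.
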
Sources

Adaptive Backtracking for Privacy Protection in Large Language Models

Train It and Forget It: Merge Lists are Unnecessary for BPE Inference in Language Models

Selective KV-Cache Sharing to Mitigate Timing Side-Channels in LLM Inference

Shadow in the Cache: Unveiling and Mitigating Privacy Risks of KV-cache in LLM Inference

The Surprising Effectiveness of Membership Inference with Simple N-Gram Coverage

Yet Another Mirage of Breaking MIRAGE: Debunking Occupancy-based Side-Channel Attacks on Fully Associative Randomized Caches
