Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Ishibashi, Yoichi, Shimodaira, Hidetoshi
Format: Preprint
Veröffentlicht: 2023
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2309.11852
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866910349943373824
author Ishibashi, Yoichi
Shimodaira, Hidetoshi
author_facet Ishibashi, Yoichi
Shimodaira, Hidetoshi
contents We explore a knowledge sanitization approach to mitigate the privacy concerns associated with large language models (LLMs). LLMs trained on a large corpus of Web data can memorize and potentially reveal sensitive or confidential information, raising critical security concerns. Our technique efficiently fine-tunes these models using the Low-Rank Adaptation (LoRA) method, prompting them to generate harmless responses such as ``I don't know'' when queried about specific information. Experimental results in a closed-book question-answering task show that our straightforward method not only minimizes particular knowledge leakage but also preserves the overall performance of LLMs. These two advantages strengthen the defense against extraction attacks and reduces the emission of harmful content such as hallucinations.
format Preprint
id arxiv_https___arxiv_org_abs_2309_11852
institution arXiv
publishDate 2023
record_format arxiv
spellingShingle Knowledge Sanitization of Large Language Models
Ishibashi, Yoichi
Shimodaira, Hidetoshi
Computation and Language
We explore a knowledge sanitization approach to mitigate the privacy concerns associated with large language models (LLMs). LLMs trained on a large corpus of Web data can memorize and potentially reveal sensitive or confidential information, raising critical security concerns. Our technique efficiently fine-tunes these models using the Low-Rank Adaptation (LoRA) method, prompting them to generate harmless responses such as ``I don't know'' when queried about specific information. Experimental results in a closed-book question-answering task show that our straightforward method not only minimizes particular knowledge leakage but also preserves the overall performance of LLMs. These two advantages strengthen the defense against extraction attacks and reduces the emission of harmful content such as hallucinations.
title Knowledge Sanitization of Large Language Models
topic Computation and Language
url https://arxiv.org/abs/2309.11852