Saved in:
Bibliographic Details
Main Authors: Rezkellah, Fatmazohra, Dakhmouche, Ramzi
Format: Preprint
Published: 2025
Subjects:
Online Access: https://arxiv.org/abs/2510.03567
author Rezkellah, Fatmazohra
Dakhmouche, Ramzi
contents With the increasing adoption of Large Language Models (LLMs), more customization is needed to ensure privacy-preserving and safe generation. We address this objective from two critical aspects: unlearning of sensitive information and robustness to jail-breaking attacks. We investigate various constrained optimization formulations that address both aspects in a \emph{unified manner}, by finding the smallest possible interventions on LLM weights that either make a given vocabulary set unreachable or embed the LLM with robustness to tailored attacks by shifting part of the weights to a \emph{safer} region. Beyond unifying two key properties, this approach contrasts with previous work in that it doesn't require an oracle classifier that is typically not available or represents a computational overhead. Surprisingly, we find that the simplest point-wise constraint-based intervention we propose leads to better performance than max-min interventions, while having a lower computational cost. Comparison against state-of-the-art defense methods demonstrates superior performance of the proposed approach.
format Preprint
institution arXiv
publishDate 2025
title Machine Unlearning Meets Adversarial Robustness via Constrained Interventions on LLMs
topic Machine Learning
Computation and Language
Cryptography and Security
Computers and Society
Optimization and Control
url https://arxiv.org/abs/2510.03567