Explore a detailed analysis of a research paper revealing how large language models like ChatGPT can inadvertently leak training data through simple prompts. Delve into the concepts of extractable and discoverable memorization, examining how researchers were able to extract gigabytes of data from various models. Learn about the novel "divergence attack" developed to exploit ChatGPT, causing it to deviate from normal behavior and emit training data at a much higher rate. Understand the implications of these findings for data privacy, model security, and the effectiveness of current alignment techniques in preventing memorization. Gain insights into quantitative membership testing and the broader consequences of this research for the field of AI and machine learning.
Scalable Extraction of Training Data from Language Models
Overview
Syllabus
- Intro
- Extractable vs Discoverable Memorization
- Models leak more data than previously thought
- Some data is extractable but not discoverable
- Extracting data from closed models
- Poem poem poem
- Quantitative membership testing
- Exploring the ChatGPT exploit further
- Conclusion
Taught by
Yannic Kilcher
