Assessing and Mitigating Data Memorization Risks in Fine-Tuned Large Language Models
This paper addresses privacy risks for users of fine-tuned LLMs, offering a novel framework to mitigate data memorization.
It tackles the problem of data memorization in fine-tuned large language models, where fine-tuning with repeated sensitive data raises privacy leakage rates from 0-5% to 60-75%, and introduces a multi-layered privacy protection framework that reduces leakage to 0% while maintaining 94.7% of model utility.
Large Language Models (LLMs) have demonstrated remarkable capabilities across diverse natural language processing tasks, but their tendency to memorize training data poses significant privacy risks, particularly during fine-tuning processes. This paper presents a comprehensive empirical analysis of data memorization in fine-tuned LLMs and introduces a novel multi-layered privacy protection framework. Through controlled experiments on modern LLM architectures including GPT-2, Phi-3, and Gemma-2, we demonstrate that fine-tuning with repeated sensitive data increases privacy leakage rates from baseline levels of 0-5% to 60-75%, representing a 64.2% average increase across tested models. We propose and rigorously evaluate four complementary privacy protection methods: semantic data deduplication, differential privacy during generation, entropy-based filtering, and pattern-based content filtering. Our experimental results show that these techniques can reduce data leakage to 0% while maintaining 94.7% of original model utility.
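As an added illustration (not code from the paper), the sketch below shows how a leakage rate can be measured and how a pattern-based content filter, one of the four methods named in the abstract, changes it. The planted records, model outputs, regular expressions and the `normalize` matching rule are all constructed assumptions, and the figures it prints do not reproduce the paper's measurements.

```python
import re

# Constructed sensitive records, standing in for data repeated in a fine-tuning set.
SECRETS = ["alice.roe@example.com", "000-12-3456", "4111 1111 1111 1111"]

# Constructed model completions; three of the four echo a planted record.
OUTPUTS = [
    "You can reach her at alice.roe@example.com for details.",
    "The SSN on file is 000-12-3456.",
    "Card number 4111 1111 1111 1111 was charged twice.",
    "Order 1234 5678 9012 3456 ships on Tuesday.",
]

# Assumed patterns for illustration; a production filter would cover more PII types.
EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
SSN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(candidate):
    """Luhn checksum, so order numbers and other digit runs are not redacted."""
    digits = [int(c) for c in candidate if c.isdigit()][::-1]
    total = sum(digits[0::2]) + sum(sum(divmod(2 * d, 10)) for d in digits[1::2])
    return total % 10 == 0

def redact(text):
    """Pattern-based content filter applied to generated text."""
    text = EMAIL.sub("[EMAIL]", text)
    text = SSN.sub("[SSN]", text)
    return CARD.sub(lambda m: "[CARD]" if luhn_ok(m.group()) else m.group(), text)

def normalize(s):
    """Drop separators and case so reformatted copies of a secret still match."""
    return re.sub(r"[\s-]", "", s).lower()

def leakage_rate(outputs, secrets):
    """Fraction of outputs containing at least one planted secret."""
    needles = [normalize(s) for s in secrets]
    hits = sum(any(n in normalize(o) for n in needles) for o in outputs)
    return hits / len(outputs)

if __name__ == "__main__":
    print("before filtering:", leakage_rate(OUTPUTS, SECRETS))
    print("after filtering: ", leakage_rate([redact(o) for o in OUTPUTS], SECRETS))
```

The fourth output is left untouched because its digit run fails the Luhn check, which is the kind of false-positive control that keeps a pattern filter from eroding utility.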