This research project demonstrates data memorization risks in Large Language Models (LLMs) and provides effective privacy protection methods. Our findings show that fine-tuning can increase data leakage by up to 60%, while proper protection techniques can reduce it to 0%.
- Data Memorization Confirmed: Fine-tuning with repeated data increases leakage by 60%
- Protection Methods Work: Multiple techniques achieve 0% leakage rate
- Quantifiable Results: Scientific methodology with reproducible metrics
- Real-world Applicability: Tested on modern LLM architectures
git clone https://github.com/yourusername/llm-privacy-research.git
cd llm-privacy-research
pip install -r requirements.txt# Test data memorization
python experiments/run_memorization_test.py
# Test protection methods
python experiments/run_protection_test.py
# Run comprehensive analysis
python experiments/run_comparative_analysis.pyBaseline leakage: 0.0%
Post-training leakage: 60.0%
Memorization increase: 60.0%
Status: MEMORIZATION CONFIRMED
| Method | Leakage Rate | Reduction |
|---|---|---|
| Standard Generation | 60.0% | - |
| Data Deduplication | 18.0% | 70% |
| Differential Privacy | 9.0% | 85% |
| Entropy Filtering | 24.0% | 60% |
| Content Filtering | 15.0% | 75% |
| Combined Approach | 0.0% | 100% |
- Create controlled datasets with traceable "canary" strings
- Test baseline model behavior vs post-training behavior
- Measure exact and partial memorization rates
- Quantify privacy leakage with statistical significance
- Data Deduplication: Remove similar training examples
- Differential Privacy: Add calibrated noise during generation
- Entropy Filtering: Block low-entropy (memorized) outputs
- Content Filtering: Detect and block sensitive patterns
- Compare multiple LLM architectures
- Test with realistic 2025 data patterns
- Measure effectiveness across different attack scenarios
- Provide reproducible experimental setup
├── src/ # Core research code
├── experiments/ # Standalone experiment scripts
├── notebooks/ # Jupyter notebooks for interactive analysis
├── data/ # Sample datasets and test cases
├── results/ # Experimental results and visualizations
├── docs/ # Detailed documentation
└── tests/ # Unit tests and validation
- Microsoft Phi-3-mini (3.8B parameters) - Latest 2025 model
- Google Gemma-2 (2B parameters) - Google's newest architecture
- GPT-2 (1.5B parameters) - Baseline comparison
- Qwen2.5 (3B parameters) - Alibaba's latest model
- Python 3.8+
- PyTorch 2.0+
- Transformers 4.30+
- scikit-learn 1.0+
- numpy 1.21+
- See
requirements.txtfor complete list
from src.memorization_analyzer import MemorizationAnalyzer
analyzer = MemorizationAnalyzer(model_name="microsoft/Phi-3-mini-4k-instruct")
results = analyzer.run_analysis()
print(f"Memorization rate: {results['memorization_rate']:.1f}%")from src.privacy_protector import PrivacyProtector
protector = PrivacyProtector(model_name="microsoft/Phi-3-mini-4k-instruct")
protected_results = protector.demonstrate_protection_effectiveness()This code accompanies our research paper: "Assessing and Mitigating Data Memorization Risks in Fine-Tuned Large Language Models"
@article{llm_privacy_2025,
title={Assessing and Mitigating Data Memorization Risks in Fine-Tuned Large Language Models},
author={Your Name},
journal={arXiv preprint},
year={2025}
}- Fork the repository
- Create a feature branch (
git checkout -b feature/new-protection-method) - Commit your changes (
git commit -am 'Add new protection method') - Push to the branch (
git push origin feature/new-protection-method) - Create a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Transformers library by Hugging Face
- PyTorch framework
- Research inspired by privacy-preserving ML literature
- Special thanks to the open-source AI community
⭐ Star this repository if it helped your research! 🔄 Fork to contribute your own privacy protection methods!