Do Domain-Specific LLMs Keep Secrets? An Empirical Study of Privacy Risks and Membership Inference Attacks
摘要
The integration of Large Language Models (LLMs) into specialized domain applications offers promising avenues for personalized and contextually relevant experiences. However, deploying domain-specific LLMs-particularly those fine-tuned on sensitive data or enhanced via Retrieval-Augmented Generation (RAG)-introduces significant privacy concerns. In this paper, we explore how vulnerable these domain-specific LLMs are to data leakage, with a focus on Membership Inference Attacks (MIAs). Using datasets containing sensitive domain-specific information, we compare the privacy risks of fine-tuned models versus RAG-based ones, revealing different patterns of exposure for each. Our results show that existing privacy protections often fall short when applied to models trained in specialized settings. We argue for the need to develop privacy-preserving techniques that are suitable for specific domains. This work provides novel insights into safeguarding sensitive information while exploiting the advantages offered by domain-specific LLMs, laying the groundwork for future research into secure and custom model deployments.