LLM Dataset Inference: Did you train on my dataset?
Authors: Pratyush Maini, Hengrui Jia, Nicolas Papernot, Adam Dziedzic
NeurIPS 2024 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We demonstrate that the apparent success of these MIAs is confounded by selecting non-members (text sequences not used for training) belonging to a different distribution from the members...Our approach successfully distinguishes the train and test sets of different subsets of the Pile with statistically significant p-values < 0.1, without any false positives. We carry out our analysis of dataset inference using LLMs with known training and validation data. Specifically, we leverage the Pythia suite of models Biderman et al. [2023] trained on the Pile dataset Gao et al. [2020] (Section 5). |
| Researcher Affiliation | Collaboration | Pratyush Maini 1,2 Hengrui Jia 3,4 Nicolas Papernot3,4 Adam Dziedzic5 1Carnegie Mellon University 2Datology AI 3University of Toronto 4Vector Institute 5CISPA Helmholtz Center for Information Security |
| Pseudocode | No | The paper describes the procedure in stages and provides a visualization in Figure 1, but no explicit pseudocode or algorithm blocks are present. |
| Open Source Code | Yes | Code is available at https://github.com/pratyushmaini/llm_dataset_inference/. |
| Open Datasets | Yes | Specifically, we leverage the Pythia suite of models Biderman et al. [2023] trained on the Pile dataset Gao et al. [2020] (Section 5). This controlled experimental setup allows us to precisely analyze the model behavior on members and non-members when they occur IID (without any temporal shift) as the training and validation splits of PILE are publicly accessible. |
| Dataset Splits | Yes | Specifically, we leverage the Pythia suite of models Biderman et al. [2023] trained on the Pile dataset Gao et al. [2020] (Section 5). This controlled experimental setup allows us to precisely analyze the model behavior on members and non-members when they occur IID (without any temporal shift) as the training and validation splits of PILE are publicly accessible. |
| Hardware Specification | Yes | To allow for large batch forward passes, we utilized NVIDIA A6000 48GB machines for aggregating such metrics. We used a total of 4 machines at any given point to speed up the aggregation of metrics. |
| Software Dependencies | No | The paper mentions 'zlib' library and 'NLAugmenter library Dhole et al. [2023]' but does not provide specific version numbers for these or other software dependencies. |
| Experiment Setup | Yes | For the linear regression model trained in Stage 2, we train for 1000 updates over the data using simple weights over the 52 features. A total of 1000 examples are saved for training the regressor to learn correlations for stage 2, except in the false positive experiments where we use half the data. A complete list of all the MIAs used in our work is present in Appendix C. |