ProFLingo: A Fingerprinting-based Copyright Protection Scheme for Large Language Models
arXiv (2024)
Abstract
Large language models (LLMs) have attracted significant attention in recent
years. Due to their "Large" nature, training LLMs from scratch consumes immense
computational resources. Since several major players in the artificial
intelligence (AI) field have open-sourced their original LLMs, an increasing
number of individual researchers and smaller companies are able to build
derivative LLMs based on these open-sourced models at much lower costs.
However, this practice opens up possibilities for unauthorized use or
reproduction that may not comply with licensing agreements, and model
derivation can alter a model's behavior, complicating the determination of
ownership. Current copyright protection schemes for LLMs are either designed
for white-box settings or require additional modifications to the original
model, which restricts their use in real-world settings.
In this paper, we propose ProFLingo, a black-box fingerprinting-based
copyright protection scheme for LLMs. ProFLingo generates adversarial examples
(AEs) that can represent the unique decision boundary characteristics of an
original model, thereby establishing unique fingerprints. Our scheme checks the
effectiveness of these adversarial examples on a suspect model to determine
whether it has been derived from the original model. ProFLingo offers a
non-invasive approach, which neither requires knowledge of the suspect model
nor modifications to the base model or its training process. To the best of our
knowledge, our method represents the first black-box fingerprinting technique
for copyright protection for LLMs. Our source code and generated AEs are
available at: https://github.com/hengvt/ProFLingo_arXiv.
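The verification step described above, querying a suspect model with the fingerprint AEs and measuring how many still elicit their target outputs, can be sketched as follows. This is a minimal illustration under assumed interfaces: the function names, the match threshold, and the toy model are hypothetical and not taken from ProFLingo's actual implementation.

```python
# Hedged sketch of black-box fingerprint verification: query a suspect model
# with adversarial-example (AE) prompts and check how many still trigger the
# target outputs that characterized the original model's decision boundary.
# All names here (verify_fingerprint, match_threshold, toy_model) are
# illustrative assumptions, not the paper's API.

def verify_fingerprint(model, fingerprints, match_threshold=0.5):
    """Return (is_derived, match_rate) for a suspect `model`.

    `model` is any callable mapping a prompt string to a text response;
    `fingerprints` is a list of (adversarial_prompt, target_output) pairs
    generated against the original model.
    """
    hits = sum(1 for prompt, target in fingerprints if target in model(prompt))
    rate = hits / len(fingerprints)
    return rate >= match_threshold, rate

# Toy suspect model that still responds to two of three fingerprint prompts,
# mimicking a derivative whose fine-tuning changed some behavior.
def toy_model(prompt):
    canned = {"ae-1": "...TARGET_A...", "ae-2": "...TARGET_B..."}
    return canned.get(prompt, "benign reply")

fingerprints = [("ae-1", "TARGET_A"), ("ae-2", "TARGET_B"), ("ae-3", "TARGET_C")]
derived, rate = verify_fingerprint(toy_model, fingerprints)
print(derived, round(rate, 2))  # True 0.67
```

The threshold would in practice be calibrated against unrelated models, so that independently trained LLMs fall well below it while fine-tuned derivatives remain above it.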