New Method Promises More Private Fine-Tuning of Large Language Models in the Cloud
A new method called PrivTune aims to make the fine-tuning of large language models safer when users teach models with their own sensitive data in the cloud.
Nowadays, many companies offer language models as a service: a user can upload, for example, internal company documents or personal texts and fine-tune the model to their own needs. However, this raises privacy concerns because the material may contain sensitive information that the service provider should not have access to.
Previous solutions have relied on so-called differential privacy, where random noise is added to the model's learning process so that individual inputs cannot be identified. According to researchers, however, such device-cloud collaboration-based models have struggled with a trade-off: either privacy remains inadequate and leaves the data exposed to inference attacks, or the model's performance deteriorates too much.
PrivTune is built on split learning. In it, part of the language model runs on the user's own device and part in the cloud. What is new is the way in which intentionally designed noise is added to the token representations leaving the user's device – that is, the internal numerical representations of the text. Thanks to the noise, an individual word or character begins to resemble its so-called n-step indirect neighbors in the network structure, thus obscuring the exact content of the original input.
The method is formulated as an optimization problem that determines what kind of n-neighborhood-based noise best protects privacy without the fine-tuning suffering unreasonably. The goal is to improve the balance between privacy and usability in the client-specific training of large language models.
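The mechanism and the trade-off described in the two paragraphs above, as an added illustration that is not taken from the PrivTune paper or its code: a device-side step blends each token representation toward one of its n-hop neighbors, and a nearest-embedding lookup measures how often the original token can still be recovered from what leaves the device. The k-nearest-neighbor token graph, the blending factor alpha, all function names and the ten-token vocabulary are assumptions constructed for this example.

```python
import random
from collections import deque

def dist(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b))

def build_knn_graph(emb, k):
    # Assumption: the "network structure" is a k-nearest-neighbour graph over embeddings.
    return {t: sorted((u for u in emb if u != t), key=lambda u: dist(emb[t], emb[u]))[:k]
            for t in emb}

def n_hop_neighbors(graph, start, n):
    # Breadth-first search; keep tokens whose shortest path from start is exactly n edges.
    depth, queue = {start: 0}, deque([start])
    while queue:
        cur = queue.popleft()
        if depth[cur] == n:
            continue
        for nxt in graph[cur]:
            if nxt not in depth:
                depth[nxt] = depth[cur] + 1
                queue.append(nxt)
    return sorted(t for t, d in depth.items() if d == n)

def perturb(token, emb, graph, n, alpha, rng):
    # Device side: shift the representation a fraction alpha toward a random n-hop neighbour.
    candidates = n_hop_neighbors(graph, token, n)
    if not candidates:
        # Fail closed: never send an unperturbed representation off the device.
        raise ValueError(f"{token} has no {n}-hop neighbour")
    target = emb[rng.choice(candidates)]
    return [(1 - alpha) * a + alpha * b for a, b in zip(emb[token], target)]

def invert(vec, emb):
    # Leakage check: which vocabulary embedding is closest to what the cloud receives?
    return min(emb, key=lambda t: dist(vec, emb[t]))

def recovery_rate(emb, graph, n, alpha, seed=0):
    # Fraction of tokens whose identity survives the perturbation (lower is more private).
    rng = random.Random(seed)
    hits = sum(invert(perturb(t, emb, graph, n, alpha, rng), emb) == t for t in emb)
    return hits / len(emb)

# Constructed vocabulary: ten tokens spaced evenly along one axis.
EMB = {f"tok{i}": [float(i), 0.0] for i in range(10)}
GRAPH = build_knn_graph(EMB, k=2)

if __name__ == "__main__":
    for alpha in (0.0, 0.1, 0.7):
        print(alpha, recovery_rate(EMB, GRAPH, n=2, alpha=alpha))
```

A recovery rate that stays at 1.0 for small alpha corresponds to the "privacy remains inadequate" side of the trade-off; how much alpha can grow before fine-tuning quality suffers is the question the optimization is meant to answer, and this example does not measure it.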
Source: PrivTune: Efficient and Privacy-Preserving Fine-Tuning of Large Language Models via Device-Cloud Collaboration, ArXiv (AI).
This text was generated with AI assistance and may contain errors. Please verify details from the original source.