Gradient inversion
Given a gradient (federated learning setting), reconstruct the sample. Zhu et al. 2019. Federated learning is vulnerable.
Text extraction from LLM
Model's high-probability outputs on partial prefixes correspond to memorized training data. Enumerate.
Attribute inference
Recover attributes of training data even if exact record not recovered. Statistics leak: demographics, medical conditions.
Defenses
Federated: secure aggregation + DP. LLMs: dedup + DP + memorization measurement + selective forgetting.