Workshop
The Impact of Memorization on Trustworthy Foundation Models
Franziska Boenisch · Adam Dziedzic · Lukas Struppek · Dominik Hintersdorf · Lingjuan Lyu · Niloofar Mireshghallah
West Meeting Room 223-224
Sat 19 Jul, 8:25 a.m. PDT
Foundation models have come to underpin many critical applications, such as healthcare, public safety, and education. Ensuring their trustworthiness is, therefore, more important than ever. However, recent research has revealed that foundation models are prone to memorizing details or even entire samples from their training data. This issue can lead to privacy violations, intellectual property infringement, and societal harm when sensitive information is leaked. While unintended memorization risks the integrity of models, a certain degree of it is essential for solving novel and complex tasks, highlighting the importance of balancing performance with data leakage. Currently, isolated solutions are being developed across various research fields and data modalities, often without integration or coordination. This fragmentation can lead to duplicated efforts despite shared goals. The lack of interaction and exchange between research fields hinders progress in understanding and mitigating undesired memorization. In this workshop, we explore the causes and consequences of memorization from both theoretical and practical perspectives. We aim to connect insights from different research fields, including data privacy, ethics, and security in machine learning, to assess their impact on models and society and to explore innovative methods for mitigating associated risks. By bringing together researchers and practitioners from diverse fields, we seek to bridge the gap between research and real-world applications, fostering the development of trustworthy foundation models that benefit society without compromising sensitive data, intellectual property, or individual privacy.
Schedule
|
Sat 8:25 a.m. - 8:30 a.m.
|
Opening Remarks
|
🔗 |
|
Sat 8:30 a.m. - 9:30 a.m.
|
Poster Session 1 (incl. catered breakfast snacks)
|
🔗 |
|
|
→ Low Resource Reconstruction Attacks Through Benign Prompts ( Poster ) > link | Sol Yarkoni · Roi Livni 🔗 |
|
|
→ A Closer Look at Model Collapse: From a Generalization-to-Memorization Perspective ( Poster ) > link | Lianghe Shi · Meng Wu · Huijie Zhang · Zekai Zhang · Molei Tao · Qing Qu 🔗 |
|
|
→ Low-Rank Adaptation Secretly Imitates Differentially Private SGD ( Poster ) > link | Saber Malekmohammadi · Golnoosh Farnadi 🔗 |
|
|
→ Rote Learning Considered Useful: Generalizing over Memorized Data in LLMs ( Poster ) > link | Qinyuan Wu · Soumi Das · Mahsa Amani · Bishwamittra Ghosh · Mohammad Aflah Khan · Krishna Gummadi · Muhammad Bilal Zafar 🔗 |
|
|
→ Personal Information Parroting in Language Models ( Poster ) > link | Nishant Subramani · Kshitish Ghate · Mona Diab 🔗 |
|
|
→ Are Samples Extracted From Large Language Models Memorized? ( Poster ) > link | Chawin Sitawarin · Karan Chadha · John Morris · Saeed Mahloujifar · Chuan Guo 🔗 |
|
|
→ Knowledge‑Distilled Memory Editing for Plug‑and‑Play LLM Alignment ( Poster ) > link | Haozheng Luo · Jiahao Yu · Wenxin Zhang · Jialong Li · Jerry Yao-Chieh Hu · Yan Chen · Binghui Wang · Xinyu Xing · Han Liu 🔗 |
|
|
→ Language models’ activations linearly encode training-order recency ( Poster ) > link | Dmitrii Krasheninnikov · Richard E Turner · David Krueger 🔗 |
|
|
→ Rethinking Memorization Measures in LLMs: Recollection vs. Counterfactual vs. Contextual Memorization ( Poster ) > link | Bishwamittra Ghosh · Soumi Das · Qinyuan Wu · Mohammad Aflah Khan · Krishna Gummadi · Evimaria Terzi · Deepak Garg 🔗 |
|
|
→ An Empirical Exploration of Continual Unlearning for Image Generation ( Poster ) > link | Justin Lee · Zheda Mai · Chongyu Fan · Wei-Lun (Harry) Chao 🔗 |
|
|
→ Evaluating Memorization in Parameter-Efficient Fine-tuning ( Poster ) > link | Sanghyun Hong · Nicholas Carlini · Alexey Kurakin 🔗 |
|
|
→ Trade-offs in Data Memorization via Strong Data Processing Inequalities ( Poster ) > link | Vitaly Feldman · Guy Kornowski · Xin Lyu 🔗 |
|
|
→ ParaPO: Aligning Language Models to Reduce Verbatim Reproduction of Pre-training Data ( Poster ) > link | Tong Chen · Faeze Brahman · Jiacheng Liu · Niloofar Mireshghallah · Weijia Shi · Pang Wei Koh · Luke Zettlemoyer · Hannaneh Hajishirzi 🔗 |
|
|
→ GenAI Copyright Evidence with Operational Meaning ( Poster ) > link | Eli Chien · Amit Saha · Yinan Huang · Pan Li 🔗 |
|
|
→ Bigger Isn’t Always Memorizing: Early Stopping Overparameterized Diffusion Models ( Poster ) > link | Alessandro Favero · Antonio Sclocchi · Matthieu Wyart 🔗 |
|
|
→ Mitigating Unintended Memorization with LoRA in Federated Learning for LLMs ( Poster ) > link | Thierry Bossy · Julien Vignoud · Tahseen Rabbani · Juan R. Troncoso-Pastoriza · Martin Jaggi 🔗 |
|
|
→ How Can I Publish My LLM Benchmark Without Giving the True Answers Away? ( Poster ) > link | Takashi Ishida · Thanawat Lodkaew · Ikko Yamane 🔗 |
|
|
→ The Mosaic Memory of Large Language Models ( Poster ) > link | Igor Shilov · Matthieu Meeus · Yves-Alexandre de Montjoye 🔗 |
|
|
→ OpenUnlearning: Accelerating LLM Unlearning via Unified Benchmarking of Methods and Metrics ( Poster ) > link | Vineeth Dorna · Anmol Mekala · Wenlong Zhao · Andrew McCallum · Zico Kolter · Zachary Lipton · Pratyush Maini 🔗 |
|
|
→ ContextLeak: Auditing Leakage in Private In-Context Learning Methods ( Poster ) > link | Jacob Choi · Shuying Cao · Xingjian Dong · Sai Praneeth Reddy Karimireddy 🔗 |
|
|
→ Localizing and Mitigating Memorization in Image Autoregressive Models ( Poster ) > link | Aditya Kasliwal · Franziska Boenisch · Adam Dziedzic 🔗 |
|
|
→ OWL: Probing Cross-Lingual Recall of Memorized Texts via World Literature ( Poster ) > link | Alisha Srivastava · Emir Korukluoglu · Minh Le · Duyen Tran · Chau Pham · Marzena Karpinska · Mohit Iyyer 🔗 |
|
|
→ MAGIC: Diffusion Model Memorization Auditing via Generative Image Compression ( Poster ) > link | Gunjan Dhanuka · Sumukh K Aithal · Avi Schwarzschild · Zhili Feng · Zico Kolter · Zachary Lipton · Pratyush Maini 🔗 |
|
|
→ DP-AdamW: Investigating Decoupled Weight Decay and Bias Correction in Private Deep Learning ( Poster ) > link | Lillian Sun · Kevin Cong · Jay Chooi · Russell Li 🔗 |
|
|
→ Counterfactual Influence as a Distributional Quantity ( Poster ) > link | Matthieu Meeus · Igor Shilov · Georgios Kaissis · Yves-Alexandre de Montjoye 🔗 |
|
|
→ Mirage of Mastery: Memorization Tricks LLMs into Artificially Inflated Self-Knowledge ( Poster ) > link | Sahil Kale 🔗 |
|
|
→ Early-stopping Too Late? Traces of Memorization Before Overfitting in Generative Diffusion ( Poster ) > link | Jerome Garnier-Brun · Luca Biggio · Marc Mezard · Luca Saglietti 🔗 |
|
Sat 9:00 a.m. - 9:30 a.m.
|
Coffe Break
|
🔗 |
|
Sat 9:30 a.m. - 10:00 a.m.
|
Invited Talk 1: Reza Shokri - On Testing Memorization in AI: From Brute-Force Methods to Robust Statistical Tests
(
Invited Talk
)
>
|
🔗 |
|
Sat 10:00 a.m. - 10:15 a.m.
|
Evaluating Memorization in Parameter-Efficient Fine-tuning ( Oral ) > link | Sanghyun Hong · Nicholas Carlini · Alexey Kurakin 🔗 |
|
Sat 10:15 a.m. - 10:30 a.m.
|
Mitigating Unintended Memorization with LoRA in Federated Learning for LLMs ( Oral ) > link | Thierry Bossy · Julien Vignoud · Tahseen Rabbani · Juan R. Troncoso-Pastoriza · Martin Jaggi 🔗 |
|
Sat 10:30 a.m. - 11:00 a.m.
|
Invited Talk 2: A. Feder Cooper - What Copyright Can Learn From Memorization Measurements of Language Models
(
Invited Talk
)
>
|
🔗 |
|
Sat 11:00 a.m. - 11:15 a.m.
|
A Closer Look at Model Collapse: From a Generalization-to-Memorization Perspective ( Oral ) > link | Lianghe Shi · Meng Wu · Huijie Zhang · Zekai Zhang · Molei Tao · Qing Qu 🔗 |
|
Sat 11:15 a.m. - 11:45 a.m.
|
Invited Talk 3: Vitaly Feldman - Trade-offs in Data Memorization via Strong Data Processing Inequalities
(
Invited Talk
)
>
|
🔗 |
|
Sat 11:45 a.m. - 12:00 p.m.
|
MAGIC: Diffusion Model Memorization Auditing via Generative Image Compression ( Oral ) > link | Gunjan Dhanuka · Sumukh K Aithal · Avi Schwarzschild · Zhili Feng · Zico Kolter · Zachary Lipton · Pratyush Maini 🔗 |
|
Sat 12:00 p.m. - 1:30 p.m.
|
Lunch Break
|
🔗 |
|
Sat 1:30 p.m. - 1:45 p.m.
|
How Can I Publish My LLM Benchmark Without Giving the True Answers Away? ( Oral ) > link | Takashi Ishida · Thanawat Lodkaew · Ikko Yamane 🔗 |
|
Sat 1:45 p.m. - 2:15 p.m.
|
Invited Talk 4: Kamalika Chaudhuri - Principled Approaches to Measuring Memorization
(
Invited Talk
)
>
|
🔗 |
|
Sat 2:15 p.m. - 2:30 p.m.
|
Low Resource Reconstruction Attacks Through Benign Prompts ( Oral ) > link | Sol Yarkoni · Roi Livni 🔗 |
|
Sat 2:30 p.m. - 3:30 p.m.
|
Poster Session 2 (incl. coffee break at 03:00 pm)
|
🔗 |
|
Sat 3:00 p.m. - 3:30 p.m.
|
Coffee Break
|
🔗 |
|
Sat 3:45 p.m. - 4:15 p.m.
|
Invited Talk 5: Pratyush Maini - What Memorization Research Taught Me About Safety
(
Invited Talk
)
>
|
🔗 |
|
Sat 4:20 p.m. - 4:50 p.m.
|
Panel Discussion
|
🔗 |
|
Sat 4:50 p.m. - 5:00 p.m.
|
Closing Remarks
|
🔗 |
|
-
|
Accepted Papers
|
🔗 |