liu00222/LLM-Based-Personal-Profile-Extraction

Evaluating Large Language Model based Personal Information Extraction and Countermeasures

This is the code for evaluating personal profile extraction based on LLMs and countermeasures. Please see the manuscript here.

Data

Please download the data from this link. Once the data is downloaded, please extract it at the root of this repository so that the files are under ./data.

To view the three datasets (i.e., synthetic, celebrity, and physician), please refer to ./data/. Here is the roadmap:

  • ./data/synthetic: the synthetic dataset generated by GPT-4 in HTML format.
  • ./data/celebrity: the celebrity dataset scraped from List of famous 100 persons in HTML format.
  • ./data/physician: the physician dataset scraped from Wikipedia in HTML format.

In addition, we have the following:

  • ./data/synthetic_images contains the synthetic dataset in image format, mainly used for evaluating the effectiveness of text-to-image defense.
  • labels.json in each folder contains the ground-truth labels for each personal profile in that dataset.

Code

Preparation

We recommend that users create a conda environment from ./PIE_environment.yml to get the third-party libraries necessary to execute our code for LLM-based PIE.

CAVEAT: PIE_environment.yml contains the library versions that were still usable on 1/27/2024. By the time users install the environment and execute our code, some libraries may be deprecated and newer versions may be required. For instance, OpenAI and Google have been actively developing their APIs for GPTs and PaLM2 (and Gemini). In this situation, please follow the warning/error messages to upgrade or re-install the necessary libraries.

To prepare for the API-based LLMs (e.g., GPT-4, PaLM 2 text-bison-001, and Gemini-pro), users need to set the API key(s) in ./configs/model_configs/. Obtaining an API key may require registration following the model providers' guidelines.

To prepare for the open-source LLMs (e.g., LLaMA), users may need to apply for access following the model providers' guidelines.

Experiments

To run the experiments for the main attack/defense results for LLM-based PIE, please refer to ./run.py, which essentially runs ./main.py.

Most of the code is self-explanatory, with inline comments for explanation. To change the settings, users can adjust the configuration in run.py following the inline comments inside the file.

The log files can be found in ./log/ and the experimental results in ./result/. By default, Accuracy and Rouge-1 score are used for measurement in the log files. For further evaluation using BERT score, users can use ./evaluate.py.

Citation

If you use this code, please cite the following paper:

@misc{liu2024extraction,
      title={Evaluating Large Language Model based Personal Information Extraction and Countermeasures}, 
      author={Yupei Liu and Yuqi Jia and Jinyuan Jia and Neil Zhenqiang Gong},
      year={2024},
      eprint={2408.07291},
      archivePrefix={arXiv},
      primaryClass={cs.CR}
}
