Text Embedding Inversion Security for Multilingual Language Models

Research output: Contribution to book/anthology/report/conference proceedingArticle in proceedingResearchpeer-review

Abstract

Textual data is often represented as real-numbered embeddings in NLP, particularly with the popularity of large language models (LLMs) and Embeddings as a Service (EaaS). However, storing sensitive information as embeddings can be susceptible to security breaches, as research shows that text can be reconstructed from embeddings, even without knowledge of the underlying model. While defence mechanisms have been explored, these are exclusively focused on English, leaving other languages potentially exposed to attacks. This work explores LLM security through multilingual embedding inversion. We define the problem of black-box multilingual and crosslingual inversion attacks, and explore their potential implications. Our findings suggest that multilingual LLMs may be more vulnerable to inversion attacks, in part because English-based defences may be ineffective. To alleviate this, we propose a simple masking defense effective for both monolingual and multilingual models. This study is the first to investigate multilingual inversion attacks, shedding light on the differences in attacks and defenses across monolingual and multilingual settings.
Original languageEnglish
Title of host publicationProceedings of the 62nd Annual Meeting of the Association for Computational Linguistics (ACL) : Volume 1: Long Papers
Number of pages20
Place of PublicationBangkok, Thailand
PublisherAssociation for Computational Linguistics
Publication date11 Aug 2024
Pages7808-7827
ISBN (Electronic)979-8-89176-094-3
DOIs
Publication statusPublished - 11 Aug 2024
Event62nd Annual Meeting of the Association for Computational
Linguistics
- Bangkok, Thailand
Duration: 11 Aug 202416 Aug 2024
Conference number: 62
https://2024.aclweb.org/

Conference

Conference62nd Annual Meeting of the Association for Computational
Linguistics
Number62
Country/TerritoryThailand
CityBangkok
Period11/08/202416/08/2024
Internet address

Keywords

  • LLM Security
  • NLP Security
  • LLMsec
  • NLPsec
  • Inversion Attack
  • Language Models
  • LLM

Fingerprint

Dive into the research topics of 'Text Embedding Inversion Security for Multilingual Language Models'. Together they form a unique fingerprint.

Cite this