Reconstruct Your Previous Conversations! Comprehensively Investigating Privacy Leakage Risks in Conversations with GPT Models
Abstract: Significant advancements have been made in the field of large language models recently, represented by GPT models.
Users frequently have multi-round private conversations with cloud-hosted GPT models for task optimization.
Yet, this operational paradigm introduces additional attack surfaces, particularly in custom GPTs and hijacked chat sessions.
In this paper, we introduce a straightforward yet potent Conversation Reconstruction Attack, that employs malicious prompts to query GPT models to leak previous conversations.
Our comprehensive examination of privacy risks during GPT interactions under this attack reveals GPT-4's considerable resilience.
We present two advanced attacks targeting improved reconstruction of past conversations, demonstrating significant privacy leakage across all models under these advanced techniques.
Evaluating various defense mechanisms, we find them ineffective against these attacks.
Our findings highlight the ease with which privacy can be compromised in interactions with GPT models, urging the community to safeguard against potential abuses of these models' capabilities.
Paper Type: long
Research Area: Dialogue and Interactive Systems
Contribution Types: Model analysis & interpretability, NLP engineering experiment, Data analysis, Surveys
Languages Studied: English
Preprint Status: There is a non-anonymous preprint (URL specified in the next question).
A1: yes
A1 Elaboration For Yes Or No: In the Section 8 Limitations.
A2: yes
A2 Elaboration For Yes Or No: In the Section 9 Ethical Considerations.
A3: yes
B: no
B1: n/a
B2: n/a
B3: n/a
B4: n/a
B5: n/a
B6: yes
C: yes
C1: n/a
C2: n/a
C3: yes
C4: yes
D: yes
D1: yes
D2: n/a
D3: n/a
D4: n/a
D5: n/a
E: no
E1: n/a
0 Replies
Loading