book

Privacy and Security for Large Language Models

Name: Privacy and Security for Large Language Models
Author: Baihan Lin
ISBN: 9781098160845

by Baihan Lin

January 2026

Intermediate to advanced

318 pages

8h 44m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Includes

Quizzes

Preface
Who Should Read This BookWhy I Wrote This BookNavigating This BookConventions Used in This BookUsing Code ExamplesO’Reilly Online LearningHow to Contact UsAcknowledgments
1. Introduction
The Rise of Large Language ModelsPrivacy and Security Concerns in LLMsWhat This Book CoversYour Role in This JourneySummary
2. Understanding Large Language Models
Fundamentals of Large Language ModelsBasic Building Blocks of Language ModelsKey Concepts in LLMsLLM ArchitecturesTransformer ArchitectureMixture of Experts ArchitecturePopular LLM ModelsTraining Techniques for LLMsPre-Training TechniquesFine-Tuning TechniquesRetrieval-Augmented GenerationSummary
3. Evaluating the Privacy and Security Risks of LLMs
Privacy MetricsDifferential PrivacyPrivacy Lossk-anonymityPrivacy Considerations in RAG SystemsSecurity MetricsAttack Success Rate (ASR)False Positive Rate (FPR) for Membership InferenceReconstruction Error for Model InversionLLM Privacy and Security AuditsSimulating AttacksLLMPrivacySecurityEvaluator: The All-in-One AuditorModern Evaluation Frameworks and BenchmarksSummary
4. Privacy-Preserving Training Techniques
A Real-World Example of Privacy Breach in the Training PhaseSynthetic Data for Privacy EvaluationHow to Apply LLMPrivacySecurityEvaluator on Your DataDifferential Privacy for LLMsThe Mathematical FoundationImplementing DP-SGD for LLMsPrivacy Accounting in PracticeTrade-Offs and ConsiderationsApplying Differential Privacy to Retrieval-Augmented GenerationFederated Learning with LLMsThe ConceptImplementing Federated Learning for LLMsAdvantages and Challenges of Federated LearningHomomorphic Encryption in LLMsThe ConceptImplementing HE for LLMsAdvantages and Challenges of Homomorphic EncryptionMulti-Party Computation for Secure AggregationThe ConceptImplementing MPC with Modern LibrariesAdvantages and Challenges of MPCParameter-Efficient Fine-Tuning for PrivacyLow-Rank AdaptationQuantized Low-Rank AdaptationPrivacy-Preserving Data TransformationData Anonymization and De-IdentificationPrivacy-Preserving Data AugmentationAdvantages and Challenges of Privacy-Preserving Data AugmentationSummary
5. Secure Deployment of LLMs
Secure Model Hosting and InfrastructureUnderstanding Infrastructure ComponentsIsolation StrategiesNetwork SecurityResource Management and MonitoringSecure APIs and CommunicationsAPI Design PrinciplesImplementation of Secure APIsAuthentication and AuthorizationSecure CommunicationSecure Model Versioning and UpdatesModel Registry and Version ControlSecure Update ProcessSummary
6. Adversarial Attacks and Defenses
Understanding Adversarial Attacks on LLMsTaxonomy of Adversarial Attacks on LLMsNotable Attack MethodsEmbedding Space AttacksLLM Agent AttacksImpact of Model Scale and ArchitectureCase Study: Defending Against Jailbreaking AttacksRobust Fine-Tuning TechniquesAdversarial TrainingRobust Optimization TechniquesData Augmentation for RobustnessPrefix-Tuning and Prompt-Based RobustnessEnsemble MethodsCertifiably Robust Fine-TuningRed-Teaming LLMsRed-Teaming MethodologiesImplementing a Red-Teaming ProgramRed-Teaming Tools and FrameworksAutomated Multiround Red-TeamingCase Study: Red-Teaming in PracticeAdversarial Evaluation and Robustness MetricsRobustness BenchmarksRobustness Under Distribution ShiftHuman-in-the-Loop EvaluationAgent-Based EvaluationStandardized Attack Success MetricsDefense Evaluation MetricsChallenges in Robustness EvaluationBest PracticesFuture Directions in LLM RobustnessSummary
7. Ethical Considerations in Fine-Tuning LLMs
Bias and Fairness Issues in PersonalizationUnderstanding Bias in Fine-Tuned LLMsMeasuring Fairness in Fine-Tuned ModelsBias Mitigation StrategiesChallenges in Privacy-Preserving Bias MitigationTransparency and Explainability in Fine-Tuned ModelsThe Explainability Challenge in LLMsTechniques for Explaining LLM BehaviorPrivacy-Preserving ExplainabilityAddressing AI Bias with Privacy ConstraintsThe Privacy-Fairness Trade-OffGroup-Aware Privacy MechanismsBias-Aware Federated LearningPrivacy-Preserving Bias AuditingSummary
8. Navigating the Cultural, Social, and Legal Landscapes
A New Kind of Socio-Technical SystemsRiding Amidst an AI-Mediated Cultural EvolutionThe Rise of AI-Generated Content and the Erosion of TrustPersonalized AI and Identity Crisis in the Age of Surveillance CapitalismExistential Questions in Human-Machine InteractionUnveiling the Generative AI Supply ChainThe Emergence of Machine CultureAdaptable Legal Frameworks for Regulation and AccountabilityThe Case of Copyright and Intellectual Property in the Age of LLMsThe Case of Data Privacy and Protection in Personalized AI SystemsThe Case of Algorithmic Bias and Discrimination in AI-Powered Decision MakingThe Case of Liability and Accountability in AI-Powered SystemsUniversal Challenges to Techno-Legal SolutionismBuilding a Responsible AI CultureAI Safety Beyond Algorithms: The Human ElementsSummary
9. Building Privacy-Preserving AI Capabilities
Healthcare AI in Action: Differentially Private Clinical Note AnalysisThe Healthcare Privacy ChallengeSynthetic Data as a Privacy-Preserving FoundationLoRA: Efficient and Privacy-Friendly Fine-TuningPrivacy Accounting with RDPReal-World Deployment ConsiderationsLegal AI in Action: Federated Learning Across Law Firms or CourtsThe Legal Confidentiality ImperativeFederated Learning Architecture for Legal AISecure Aggregation and Model UpdatesLegal and Ethical Considerations in Federated Legal AIPerformance and Utility EvaluationBuilding Your Privacy-First AI CapabilityOrganizational Readiness and Implementation StrategyTeam Structure and Technology DecisionsGovernance Integration and Success MeasurementPreparing for Tomorrow’s Privacy LandscapeTechnology Convergence and Regulatory EvolutionMarket Dynamics and Competitive PositioningA Strategic Position for the FutureSummaryConclusionThe Transformation You’ve WitnessedThe Path We’re OnYour Role in Shaping the Future

Index
About the Author

Content preview from Privacy and Security for Large Language Models

Chapter 9. Building Privacy-Preserving AI Capabilities

Congratulations! You’ve reached the final chapter of our journey. Throughout this book, you’ve built a comprehensive understanding of the theoretical foundations, explored practical implementations, and navigated the complex ethical and legal considerations surrounding LLMs. Remember all those privacy-preserving techniques you’ve explored? Now it’s time to see them in the wild. You will bridge the gap between theory and practice by examining two detailed case studies that demonstrate how these privacy-preserving techniques can be deployed in high-stakes, sensitive domains.

The transition from laboratory to reality is where the true test of our privacy-preserving techniques lies. It’s one thing to understand differential privacy mathematically or to implement federated learning in a controlled environment. And it’s quite another to deploy these methods in healthcare systems where patient lives are at stake, or in legal environments where confidentiality can make or break careers and cases. These real-world applications don’t just validate the technical approaches; they reveal the nuanced challenges that emerge when privacy, utility, and regulatory compliance must coexist in production systems.

In this chapter, you will explore two compelling scenarios that showcase different aspects of privacy-preserving AI. First, you will dive into the healthcare domain, where you will fine-tune a language model on synthetic medical data ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781098160838Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Privacy and Security for Large Language Models

by Baihan Lin

Chapter 9. Building Privacy-Preserving AI Capabilities

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.