{"ID":2859207,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2510.09655","arxiv_id":"2510.09655","title":"Data Provenance Auditing of Fine-Tuned Large Language Models with a Text-Preserving Technique","abstract":"We propose a system for marking sensitive or copyrighted texts to detect their use in fine-tuning large language models under black-box access with statistical guarantees. Our method builds digital ``marks'' using invisible Unicode characters organized into (``cue'', ``reply'') pairs. During an audit, prompts containing only ``cue'' fragments are issued to trigger regurgitation of the corresponding ``reply'', indicating document usage. To control false positives, we compare against held-out counterfactual marks and apply a ranking test, yielding a verifiable bound on the false positive rate. The approach is minimally invasive, scalable across many sources, robust to standard processing pipelines, and achieves high detection power even when marked data is a small fraction of the fine-tuning corpus.","short_abstract":"We propose a system for marking sensitive or copyrighted texts to detect their use in fine-tuning large language models under black-box access with statistical guarantees. Our method builds digital ``marks'' using invisible Unicode characters organized into (``cue'', ``reply'') pairs. During an audit, prompts containin...","url_abs":"https://arxiv.org/abs/2510.09655","url_pdf":"https://arxiv.org/pdf/2510.09655v2","authors":"[\"Yanming Li\",\"Cédric Eichler\",\"Nicolas Anciaux\",\"Alexandra Bensamoun\",\"Lorena Gonzalez Manzano\",\"Seifeddine Ghozzi\"]","published":"2025-10-07T08:34:08Z","proceeding":"cs.CR","tasks":"[\"cs.CR\",\"cs.AI\"]","methods":"[\"Language Model\",\"Generative Adversarial Network\"]","has_code":false}