Unlearning Trojans in Large Language Models: A Comparison Between Natural Language and Source Code

TL;DR

This paper introduces LYA, a novel machine unlearning method combining gradient ascent and FIM regularization, to effectively remove trojans from large language models of natural language and code, outperforming existing techniques.

Contribution

The work presents the first comparison of machine unlearning techniques for trojans in natural language and code large language models, introducing the LYA method.

Findings

LYA outperforms traditional unlearning methods in trojan removal

LYA preserves model functionality after unlearning

First comparative study of MU for trojans in NL and coding LLMs

Abstract

This work investigates the application of Machine Unlearning (MU) for mitigating the impact of trojans embedded in conventional large language models of natural language (Text-LLMs) and large language models of code (Code-LLMs) We propose a novel unlearning approach, LYA, that leverages both gradient ascent and elastic weight consolidation, a Fisher Information Matrix (FIM) based regularization technique, to unlearn trojans from poisoned models. We compare the effectiveness of LYA against conventional techniques like fine-tuning, retraining, and vanilla gradient ascent. The subject models we investigate are BERT and CodeBERT, for sentiment analysis and code defect detection tasks, respectively. Our findings demonstrate that the combination of gradient ascent and FIM-based regularization, as done in LYA, outperforms existing methods in removing the trojan's influence from the poisoned model, while preserving its original functionality. To the best of our knowledge, this is the first work that compares and contrasts MU of trojans in LLMs, in the NL and Coding domain.