{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2026:H7KMRJH2GAUBD5QIWYEQBP754S","short_pith_number":"pith:H7KMRJH2","schema_version":"1.0","canonical_sha256":"3fd4c8a4fa302811f608b60900bffde497767f60b195300c3f5cdb068ac09dd0","source":{"kind":"arxiv","id":"2606.17110","version":1},"attestation_state":"computed","paper":{"title":"Loss Landscape Poisoning: Targeted Extraction of Unseen Training Data from LLMs","license":"http://creativecommons.org/licenses/by/4.0/","headline":"","cross_cats":["cs.LG"],"primary_cat":"cs.CR","authors_text":"Ihsen Alouani, Md Abdullah Al Mamun, Nael Abu-Ghazaleh, Ngoc Phu Doan, Pedram Zaree","submitted_at":"2026-06-15T07:04:01Z","abstract_excerpt":"Large Language Models are increasingly trained on proprietary or sensitive data, from private healthcare and financial records to user conversations containing secrets. Ensuring the privacy of such data against extraction attacks has become a central concern. In this paper, we ask whether an attacker who can poison a portion of the training data can facilitate the leakage of a separate target record they have no access to. We answer in the affirmative and show that such leakage can be induced by a poisoning mechanism that reshapes the model's local loss landscape around the target completion. "},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"2606.17110","kind":"arxiv","version":1},"metadata":{"license":"http://creativecommons.org/licenses/by/4.0/","primary_cat":"cs.CR","submitted_at":"2026-06-15T07:04:01Z","cross_cats_sorted":["cs.LG"],"title_canon_sha256":"ff71f6489119aca33b7bd0b6a1a7ecca504d759740f697b0fdc5b8ce693797bf","abstract_canon_sha256":"476336f7474123e8d0e70394c31499bd30f105aa71baa4abeb1852973d5141ae"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-06-19T16:10:03.361883Z","signature_b64":"1QllYC7hUH7cJXUxFy5MWFiLfYfYBdEHuAgohxhPwfbWjV2DHj3hxwUGECtCPiCi8e8iX3TbXUb57fjmEIbQAA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"3fd4c8a4fa302811f608b60900bffde497767f60b195300c3f5cdb068ac09dd0","last_reissued_at":"2026-06-19T16:10:03.361505Z","signature_status":"signed_v1","first_computed_at":"2026-06-19T16:10:03.361505Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Loss Landscape Poisoning: Targeted Extraction of Unseen Training Data from LLMs","license":"http://creativecommons.org/licenses/by/4.0/","headline":"","cross_cats":["cs.LG"],"primary_cat":"cs.CR","authors_text":"Ihsen Alouani, Md Abdullah Al Mamun, Nael Abu-Ghazaleh, Ngoc Phu Doan, Pedram Zaree","submitted_at":"2026-06-15T07:04:01Z","abstract_excerpt":"Large Language Models are increasingly trained on proprietary or sensitive data, from private healthcare and financial records to user conversations containing secrets. Ensuring the privacy of such data against extraction attacks has become a central concern. In this paper, we ask whether an attacker who can poison a portion of the training data can facilitate the leakage of a separate target record they have no access to. We answer in the affirmative and show that such leakage can be induced by a poisoning mechanism that reshapes the model's local loss landscape around the target completion. "},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2606.17110","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"integrity":{"clean":true,"summary":{"advisory":0,"critical":0,"by_detector":{},"informational":0},"endpoint":"/pith/2606.17110/integrity.json","findings":[],"available":true,"detectors_run":[],"snapshot_sha256":"c28c3603d3b5d939e8dc4c7e95fa8dfce3d595e45f758748cecf8e644a296938"},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"2606.17110","created_at":"2026-06-19T16:10:03.361559+00:00"},{"alias_kind":"arxiv_version","alias_value":"2606.17110v1","created_at":"2026-06-19T16:10:03.361559+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2606.17110","created_at":"2026-06-19T16:10:03.361559+00:00"},{"alias_kind":"pith_short_12","alias_value":"H7KMRJH2GAUB","created_at":"2026-06-19T16:10:03.361559+00:00"},{"alias_kind":"pith_short_16","alias_value":"H7KMRJH2GAUBD5QI","created_at":"2026-06-19T16:10:03.361559+00:00"},{"alias_kind":"pith_short_8","alias_value":"H7KMRJH2","created_at":"2026-06-19T16:10:03.361559+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":0,"internal_anchor_count":0,"sample":[]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S","json":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S.json","graph_json":"https://pith.science/api/pith-number/H7KMRJH2GAUBD5QIWYEQBP754S/graph.json","events_json":"https://pith.science/api/pith-number/H7KMRJH2GAUBD5QIWYEQBP754S/events.json","paper":"https://pith.science/paper/H7KMRJH2"},"agent_actions":{"view_html":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S","download_json":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S.json","view_paper":"https://pith.science/paper/H7KMRJH2","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=2606.17110&json=true","fetch_graph":"https://pith.science/api/pith-number/H7KMRJH2GAUBD5QIWYEQBP754S/graph.json","fetch_events":"https://pith.science/api/pith-number/H7KMRJH2GAUBD5QIWYEQBP754S/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S/action/timestamp_anchor","attest_storage":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S/action/storage_attestation","attest_author":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S/action/author_attestation","sign_citation":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S/action/citation_signature","submit_replication":"https://pith.science/pith/H7KMRJH2GAUBD5QIWYEQBP754S/action/replication_record"}},"created_at":"2026-06-19T16:10:03.361559+00:00","updated_at":"2026-06-19T16:10:03.361559+00:00"}