DMRL: Data- and Model-aware Reward Learning for Data Extraction

Large language models (LLMs) are inherently vulnerable to unintended privacy breaches. Consequently, systematic red-teaming research is essential for developing robust defense mechanisms. However, current data extraction methods suffer from several limitations: (1) base on dataset duplicates (addressable via deduplication), (2) depend on prompt engineering (now countered by detection and defense), and (3) reliance on random-search adversarial generation. To address these challenges, we propose DMRL: Data-and Model-aware Reward Learning for data extraction, a novel technique that leverages inverse reinforcement learning to extract sensitive data from LLMs. Our approach consists of two main components: (1) construction of a introspective reasoning dataset that encapsulates leakage mindset to guide model behavior; and (2) training a reward models with Group Relative Policy Optimization (GRPO), dynamically tuning optimization to task difficulty at both the data and model levels. Comprehensive experiments across various LLMs demonstrate that DMRL outperforms all baseline methods in data extraction performance.