AI Navigate

Quantifying Memorization and Privacy Risks in Genomic Language Models

arXiv cs.LG / 3/11/2026

Ideas & Deep AnalysisModels & Research
Read original →
共有:

Key Points

  • Genomic language models (GLMs) are powerful tools for DNA sequence analysis but pose privacy risks by potentially memorizing sensitive genomic data from training cohorts.
  • The paper introduces a comprehensive, multi-vector privacy evaluation framework combining perplexity-based detection, canary sequence extraction, and membership inference to quantify memorization risks in GLMs.
  • Controlled experiments with planted canary sequences in synthetic and real genomic datasets reveal that repetition rate, model capacity, and training dynamics influence the degree of memorization.
  • The study shows that no single attack method fully captures memorization risk, emphasizing the importance of multi-vector privacy auditing for genomic AI models.
  • These findings highlight critical privacy and regulatory implications for the deployment of GLMs trained on sensitive genetic data, advocating for robust privacy assessment as a standard practice.

Computer Science > Machine Learning

arXiv:2603.08913 (cs)
[Submitted on 9 Mar 2026]

Title:Quantifying Memorization and Privacy Risks in Genomic Language Models

View a PDF of the paper titled Quantifying Memorization and Privacy Risks in Genomic Language Models, by Alexander Nemecek and 4 other authors
View PDF HTML (experimental)
Abstract:Genomic language models (GLMs) have emerged as powerful tools for learning representations of DNA sequences, enabling advances in variant prediction, regulatory element identification, and cross-task transfer learning. However, as these models are increasingly trained or fine-tuned on sensitive genomic cohorts, they risk memorizing specific sequences from their training data, raising serious concerns around privacy, data leakage, and regulatory compliance. Despite growing awareness of memorization risks in general-purpose language models, little systematic evaluation exists for these risks in the genomic domain, where data exhibit unique properties such as a fixed nucleotide alphabet, strong biological structure, and individual identifiability. We present a comprehensive, multi-vector privacy evaluation framework designed to quantify memorization risks in GLMs. Our approach integrates three complementary risk assessment methodologies: perplexity-based detection, canary sequence extraction, and membership inference. These are combined into a unified evaluation pipeline that produces a worst-case memorization risk score. To enable controlled evaluation, we plant canary sequences at varying repetition rates into both synthetic and real genomic datasets, allowing precise quantification of how repetition and training dynamics influence memorization. We evaluate our framework across multiple GLM architectures, examining the relationship between sequence repetition, model capacity, and memorization risk. Our results establish that GLMs exhibit measurable memorization and that the degree of memorization varies across architectures and training regimes. These findings reveal that no single attack vector captures the full scope of memorization risk, underscoring the need for multi-vector privacy auditing as a standard practice for genomic AI systems.
Comments:
Subjects: Machine Learning (cs.LG); Cryptography and Security (cs.CR); Genomics (q-bio.GN)
Cite as: arXiv:2603.08913 [cs.LG]
  (or arXiv:2603.08913v1 [cs.LG] for this version)
  https://doi.org/10.48550/arXiv.2603.08913
Focus to learn more
arXiv-issued DOI via DataCite

Submission history

From: Alexander Nemecek [view email]
[v1] Mon, 9 Mar 2026 20:30:37 UTC (741 KB)
Full-text links:

Access Paper:

Current browse context:
cs.LG
< prev   |   next >
Change to browse by:

References & Citations

export BibTeX citation Loading...

BibTeX formatted citation

×
Data provided by:

Bookmark

BibSonomy logo Reddit logo
Bibliographic Tools

Bibliographic and Citation Tools

Bibliographic Explorer Toggle
Bibliographic Explorer (What is the Explorer?)
Connected Papers Toggle
Connected Papers (What is Connected Papers?)
Litmaps Toggle
Litmaps (What is Litmaps?)
scite.ai Toggle
scite Smart Citations (What are Smart Citations?)
Code, Data, Media

Code, Data and Media Associated with this Article

alphaXiv Toggle
alphaXiv (What is alphaXiv?)
Links to Code Toggle
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub Toggle
DagsHub (What is DagsHub?)
GotitPub Toggle
Gotit.pub (What is GotitPub?)
Huggingface Toggle
Hugging Face (What is Huggingface?)
Links to Code Toggle
Papers with Code (What is Papers with Code?)
ScienceCast Toggle
ScienceCast (What is ScienceCast?)
Demos

Demos

Replicate Toggle
Replicate (What is Replicate?)
Spaces Toggle
Hugging Face Spaces (What is Spaces?)
Spaces Toggle
TXYZ.AI (What is TXYZ.AI?)
Related Papers

Recommenders and Search Tools

Link to Influence Flower
Influence Flower (What are Influence Flowers?)
Core recommender toggle
CORE Recommender (What is CORE?)
IArxiv recommender toggle
IArxiv Recommender (What is IArxiv?)
About arXivLabs

arXivLabs: experimental projects with community collaborators

arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.

Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.

Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.

関連おすすめサービス

※当サイトはアフィリエイト広告を利用しています
🎧

Notta搭載AI議事録イヤホン ZENCHORD1

AI時代の仕事術。Notta搭載で会議の議事録を自動生成するスマートイヤホン。

🎙️

AI搭載ボイスレコーダー Plaud

世界100万人が愛用。AIで文字起こし・要約を自動化するボイスレコーダー。

🖼️

画像高画質化AIツール Aiarty Image Enhancer

AIで画像を高画質化。写真・イラストを簡単にアップスケール。