Pretraining Data Exposure in Large Language Models: A Survey of Membership Inference, Data Contamination, and Security Implications

A new survey from arXiv researchers has unified the study of Pretraining Data Exposure (PDE) in large language models, revealing growing risks to evaluation integrity and data privacy as training datasets expand. The paper formalizes PDE across multiple exposure levels, reviewing attack and defense methods for both data contamination and membership inference—two areas previously studied in isolation. This synthesis highlights critical security implications for LLM deployment, including the need for standardized detection and mitigation strategies.

arXiv:2605.26133v1 Announce Type: new Abstract: Large Language Models LLMs have become the predominant paradigm in NLP, advancing both research and industry. As model sizes and pretraining data grow, concerns about Pretraining Data Exposure PDE increase due to the scale and opacity of training datasets. PDE refers to determining whether specific data appeared in an LLM's pretraining corpus. It is critical for ensuring evaluation integrity and protecting privacy, intersecting two key areas: data contamination and membership inference. Though conceptually related, these areas have often been studied in isolation. This paper offers the first unified survey of both under the PDE framework. We formalize PDE across exposure levels, review attack and defense methods, synthesize empirical findings, and highlight open challenges and future research directions.