AuditableLLM: A Hash-Chain-Backed, Compliance-Aware Auditable Framework for Large Language Models

Li, D; Yu, G; Wang, X; Liang, B

AuditableLLM: A Hash-Chain-Backed, Compliance-Aware Auditable Framework for Large Language Models

Li, D

Yu, G

Wang, X

Liang, B

Permalink

Publisher:: MDPI
Publication Type:: Journal Article
Citation:: Electronics, 15, (1), pp. 56

Open Access

Copyright Clearance Process

Recently Added
In Progress
Open Access

This item is open access.

Adobe PDF

Download Published versionAdobe PDF (2.21 MB)

View on publisher's site

View statistics

Full metadata record

Field	Value	Language
dc.contributor.author	Li, D https://orcid.org/0009-0000-8648-8921
dc.contributor.author	Yu, G https://orcid.org/0000-0002-6111-1607
dc.contributor.author	Wang, X https://orcid.org/0000-0001-9439-6437
dc.contributor.author	Liang, B https://orcid.org/0000-0002-6605-2167
dc.date.accessioned	2026-01-06T05:07:48Z
dc.date.available	2026-01-06T05:07:48Z
dc.identifier.citation	Electronics, 15, (1), pp. 56
dc.identifier.issn	1450-5843
dc.identifier.issn	2079-9292
dc.identifier.uri	http://hdl.handle.net/10453/191334
dc.description.abstract	Auditability and regulatory compliance are increasingly required for deploying large language models (LLMs). Prior work typically targets isolated stages such as training or unlearning and lacks a unified mechanism for verifiable accountability across model updates. This paper presents AuditableLLM, a lightweight framework that decouples update execution from an audit-and-verification layer and records each update as a hash-chain-backed, tamper-evident audit trail. The framework supports parameter-efficient fine-tuning such as Low-Rank Adaptation (LoRA) and Quantized LoRA (QLoRA), full-parameter optimization, continual learning, and data unlearning, enabling third-party verification without access to model internals or raw logs. Experiments on LLaMA-family models with LoRA adapters and the MovieLens dataset show negligible utility degradation (below 0.2% in accuracy and macro-F1) with modest overhead (3.4 ms/step; 5.7% slowdown) and sub-second audit validation in the evaluated setting. Under a simple loss-based membership inference attack on the forget set, the audit layer does not increase membership leakage relative to the underlying unlearning algorithm. Overall, the results indicate that hash-chain-backed audit logging can be integrated into practical LLM adaptation, update, and unlearning workflows with low overhead and verifiable integrity.
dc.language	en
dc.publisher	MDPI
dc.relation.ispartof	Electronics
dc.relation.isbasedon	10.3390/electronics15010056
dc.rights	info:eu-repo/semantics/openAccess
dc.title	AuditableLLM: A Hash-Chain-Backed, Compliance-Aware Auditable Framework for Large Language Models
dc.type	Journal Article
utslib.citation.volume	15
pubs.organisational-group	University of Technology Sydney
pubs.organisational-group	University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
pubs.organisational-group	University of Technology Sydney/UTS Groups
pubs.organisational-group	University of Technology Sydney/UTS Groups/Data Science Institute (DSI)
pubs.organisational-group	University of Technology Sydney/UTS Groups/Global Big Data Technologies Centre (GBDTC)
pubs.organisational-group	University of Technology Sydney/UTS Groups/Cyber Digital Centre (CDC)
pubs.organisational-group	University of Technology Sydney/UTS Groups/The Trustworthy Digital Society
pubs.organisational-group	University of Technology Sydney/Faculty of Engineering and Information Technology/Engineering and IT Related HDR Students
utslib.copyright.status	open_access	*
dc.rights.license	This work is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0). To view a copy of this license, visit https://creativecommons.org/licenses/by/4.0/
dc.date.updated	2026-01-06T05:07:47Z
pubs.issue	1
pubs.publication-status	Published online
pubs.volume	15
utslib.citation.issue	1

Abstract:

Auditability and regulatory compliance are increasingly required for deploying large language models (LLMs). Prior work typically targets isolated stages such as training or unlearning and lacks a unified mechanism for verifiable accountability across model updates. This paper presents AuditableLLM, a lightweight framework that decouples update execution from an audit-and-verification layer and records each update as a hash-chain-backed, tamper-evident audit trail. The framework supports parameter-efficient fine-tuning such as Low-Rank Adaptation (LoRA) and Quantized LoRA (QLoRA), full-parameter optimization, continual learning, and data unlearning, enabling third-party verification without access to model internals or raw logs. Experiments on LLaMA-family models with LoRA adapters and the MovieLens dataset show negligible utility degradation (below 0.2% in accuracy and macro-F1) with modest overhead (3.4 ms/step; 5.7% slowdown) and sub-second audit validation in the evaluated setting. Under a simple loss-based membership inference attack on the forget set, the audit layer does not increase membership leakage relative to the underlying unlearning algorithm. Overall, the results indicate that hash-chain-backed audit logging can be integrated into practical LLM adaptation, update, and unlearning workflows with low overhead and verifiable integrity.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/191334