This research introduces a groundbreaking method for identifying which large language model is being used by analyzing the distinctive rhythm of token generation times and network traffic patterns.

• Achieves high accuracy (up to 98%) in identifying LLMs based solely on timing characteristics
• Works even without access to model outputs or internal architecture details
• Robust against potential adversarial attacks, unlike content-based identification methods
• Provides real-time identification rather than post-hoc analysis

Implications for security: This approach enables more reliable verification of deployed LLMs, helping organizations ensure model authenticity, detect unauthorized model use, and maintain system trustworthiness in critical applications.

Source: LLMs Have Rhythm: Fingerprinting Large Language Models Using Inter-Token Times and Network Traffic Analysis