defense 2026

Distillation Traps and Guards: A Calibration Knob for LLM Distillability

Weixiao Zhan 1, Yongcheng Jing 1, Leszek Rutkowski 2,3,4, Dacheng Tao 1

0 citations

Published on arXiv: 2604.18963

Model Theft

OWASP ML Top 10 — ML05

Model Theft

OWASP LLM Top 10 — LLM10

Key Finding

Students from distillable teachers outperform KD baselines; students from undistillable teachers collapse while teachers retain performance

Distillation Traps and Guards

Novel technique introduced


Knowledge distillation (KD) transfers capabilities from large language models (LLMs) to smaller students, yet it can fail unpredictably and also underpins model leakage risks. Our analysis revealed several distillation traps: tail noise, off-policy instability, and, most fundamentally, the teacher-student gap, that distort training signals. These traps manifest as overconfident hallucinations, self-correction collapse, and local decoding degradation, causing distillation to fail. Motivated by these findings, we propose a post-hoc calibration method that, to the best of our knowledge, for the first time enables control over a teacher's distillability via reinforcement fine-tuning (RFT). Our objective combines task utility, KL anchor, and across-tokenizer calibration reward. This makes distillability a practical safety lever for foundation models, connecting robust teacher-student transfer with deployment-aware model protection. Experiments across math, knowledge QA, and instruction-following tasks show that students distilled from distillable calibrated teachers outperform SFT and KD baselines, while undistillable calibrated teachers retain their task performance but cause distilled students to collapse, offering a practical knob for both better KD and model IP protection.


Key Contributions

  • Identifies 'distillation traps' (tail noise, off-policy instability, teacher-student gap) that cause KD failure
  • First post-hoc calibration method enabling bidirectional control over teacher LLM distillability via reinforcement fine-tuning
  • Demonstrates that undistillable calibrated teachers retain task performance while causing distilled students to collapse, serving as model IP protection

🛡️ Threat Analysis

Model Theft

The paper proposes making teachers 'undistillable' to prevent model theft via knowledge distillation, which makes it a defense against model extraction attacks. The undistillable direction explicitly serves as model IP protection.


Details

Domains: nlp
Model Types: llm, transformer
Threat Tags: black_box, training_time
Datasets: math QA, knowledge QA, instruction-following tasks
Applications: knowledge distillation, model ip protection, llm fine-tuning