{"id":"https://openalex.org/W4387687938","doi":"https://doi.org/10.48550/arxiv.2310.09130","title":"Split-and-Denoise: Protect large language model inference with local differential privacy","display_name":"Split-and-Denoise: Protect large language model inference with local differential privacy","publication_year":2023,"publication_date":"2023-10-13","ids":{"openalex":"https://openalex.org/W4387687938","doi":"https://doi.org/10.48550/arxiv.2310.09130"},"language":"en","primary_location":{"id":"pmh:oai:arXiv.org:2310.09130","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2310.09130","pdf_url":"https://arxiv.org/pdf/2310.09130","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"type":"preprint","indexed_in":["arxiv","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2310.09130","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072687570","display_name":"Peihua Mai","orcid":"https://orcid.org/0000-0002-5851-2290"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Mai, Peihua","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100329487","display_name":"Ran Yan","orcid":"https://orcid.org/0000-0002-3021-9543"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yan, Ran","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103137782","display_name":"Zhe Huang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Huang, Zhe","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114091242","display_name":"Youjia Yang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yang, Youjia","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5112861912","display_name":"Yan Pang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Pang, Yan","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5072687570"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10028","display_name":"Topic Modeling","score":0.9009000062942505,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7759362459182739},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.6664507389068604},{"id":"https://openalex.org/keywords/embedding","display_name":"Embedding","score":0.6627094745635986},{"id":"https://openalex.org/keywords/downstream","display_name":"Downstream (manufacturing)","score":0.6198419332504272},{"id":"https://openalex.org/keywords/security-token","display_name":"Security token","score":0.6015647649765015},{"id":"https://openalex.org/keywords/language-model","display_name":"Language model","score":0.5165506601333618},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.4822893440723419},{"id":"https://openalex.org/keywords/differential-privacy","display_name":"Differential privacy","score":0.4693722724914551},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.409822940826416},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.33985841274261475},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.311708927154541},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.1957288682460785}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7759362459182739},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.6664507389068604},{"id":"https://openalex.org/C41608201","wikidata":"https://www.wikidata.org/wiki/Q980509","display_name":"Embedding","level":2,"score":0.6627094745635986},{"id":"https://openalex.org/C2776207758","wikidata":"https://www.wikidata.org/wiki/Q5303302","display_name":"Downstream (manufacturing)","level":2,"score":0.6198419332504272},{"id":"https://openalex.org/C48145219","wikidata":"https://www.wikidata.org/wiki/Q1335365","display_name":"Security token","level":2,"score":0.6015647649765015},{"id":"https://openalex.org/C137293760","wikidata":"https://www.wikidata.org/wiki/Q3621696","display_name":"Language model","level":2,"score":0.5165506601333618},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.4822893440723419},{"id":"https://openalex.org/C23130292","wikidata":"https://www.wikidata.org/wiki/Q5275358","display_name":"Differential privacy","level":2,"score":0.4693722724914551},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.409822940826416},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.33985841274261475},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.311708927154541},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.1957288682460785},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:arXiv.org:2310.09130","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2310.09130","pdf_url":"https://arxiv.org/pdf/2310.09130","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},{"id":"doi:10.48550/arxiv.2310.09130","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2310.09130","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2310.09130","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2310.09130","pdf_url":"https://arxiv.org/pdf/2310.09130","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4387687938.pdf"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W3038283795","https://openalex.org/W2604501336","https://openalex.org/W2734500670","https://openalex.org/W2558166297","https://openalex.org/W2315671126","https://openalex.org/W798507144","https://openalex.org/W2964481303","https://openalex.org/W1751413323","https://openalex.org/W1583765404","https://openalex.org/W2571704763"],"abstract_inverted_index":{"Large":[0],"Language":[1],"Models":[2],"(LLMs)":[3],"excel":[4],"in":[5,13,131,149],"natural":[6],"language":[7],"understanding":[8],"by":[9,160],"capturing":[10],"hidden":[11],"semantics":[12],"vector":[14],"space.":[15],"This":[16,81],"process":[17],"enriches":[18],"the":[19,30,36,65,69,74,83,91,94,101,113,123,133,152,158],"value":[20],"of":[21,38,116],"text":[22,44],"embeddings":[23,92,104],"for":[24,105,112,170],"various":[25,137],"downstream":[26,106,142],"tasks,":[27],"thereby":[28],"fostering":[29],"Embedding-as-a-Service":[31],"(EaaS)":[32],"business":[33],"model.":[34],"However,":[35],"risk":[37],"privacy":[39,154,172],"leakage":[40],"due":[41],"to":[42,46,67,85,89,93,122,157],"direct":[43],"transmission":[45],"servers":[47],"remains":[48],"a":[49,167],"critical":[50],"concern.":[51],"To":[52],"address":[53],"this,":[54],"we":[55],"introduce":[56,86],"Split-N-Denoise":[57],"(SnD),":[58],"an":[59,147],"private":[60],"inference":[61,114],"framework":[62],"that":[63],"splits":[64],"model":[66,124],"execute":[68],"token":[70],"embedding":[71],"layer":[72],"on":[73,163],"client":[75,84],"side":[76],"at":[77],"minimal":[78],"computational":[79],"cost.":[80],"allows":[82],"noise":[87],"prior":[88],"transmitting":[90],"server,":[95],"and":[96,99,118,140],"subsequently":[97],"receive":[98],"denoise":[100],"perturbed":[102],"output":[103],"tasks.":[107,143],"Our":[108],"approach":[109],"is":[110],"designed":[111],"stage":[115],"LLMs":[117],"requires":[119],"no":[120],"modifications":[121],"parameters.":[125],"Extensive":[126],"experiments":[127],"demonstrate":[128],"SnD's":[129],"effectiveness":[130],"optimizing":[132],"privacy-utility":[134],"tradeoff":[135],"across":[136],"LLM":[138],"architectures":[139],"diverse":[141],"The":[144],"results":[145],"reveal":[146],"improvement":[148],"performance":[150],"under":[151],"same":[153],"budget":[155],"compared":[156],"baselines":[159],"over":[161],"10\\%":[162],"average,":[164],"offering":[165],"clients":[166],"privacy-preserving":[168],"solution":[169],"local":[171],"protection.":[173]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":1}],"updated_date":"2026-03-10T16:38:18.471706","created_date":"2023-10-17T00:00:00"}