Proprietary large language models (LLMs) exhibit strong generalization capabilities across diverse tasks and are increasingly deployed on edge devices for efficiency and privacy reasons. However, deploying proprietary LLMs at the edge without adequate protection introduces critical security threats. Attackers can extract model weights and architectures, enabling unauthorized copying and misuse. Even when protective measures prevent full extraction of model weights, attackers may still perform advanced attacks, such as fine-tuning, to further exploit the model. Existing defenses against these threats typically incur significant computational and communication overhead, making them impractical for edge deployment. To safeguard the edge-deployed LLMs, we introduce CoreGuard, a computation- and communication-efficient protection method. CoreGuard employs an efficient protection protocol to reduce computational overhead and minimize communication overhead via a propagation protocol. Extensive experiments show that CoreGuard achieves upper-bound security protection with negligible overhead.