<p>Edge-cloud collaborative inference in small language models offloads intermediate latent representations to bypass on-device computational bottlenecks. However, this transparent transmission exposes sensitive user attributes to latent-space inference attacks. In this paper, to effectively protect latent states during transmission, we propose Selective Semantic State Editing (SSSE), an inference-time privacy mechanism that intervenes exclusively at the offload boundary. Our framework first employs a learnable risk scorer to identify privacy-sensitive token-level latent states, then constructs on-device semantic alternatives by combining an input-conditioned local reservoir with a static prototype cache, and finally performs risk-aware selective latent state editing to suppress sensitive-attribute leakage while preserving task-relevant information. Experimental results show that SSSE provides a favorable privacy–utility balance. On the topic classification task, SSSE achieves an accuracy of 0.4691 and a macro-F1 of 0.1890, incurring only a 0.0030 macro-F1 drop from baseline. Meanwhile, SSSE reduces attack macro-F1 from 0.6539 to 0.6288 on gender, and from 0.5403 to 0.5053 on age-group. The ablation results further verify the effectiveness of the risk scorer and candidate construction. Deployment overhead study finds that SSSE introduces a practical privacy-intervention overhead of approximately 2.8 ms/sample. Our work demonstrates the practical potential of selective semantic state editing for privacy-preserving edge-cloud inference.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Selective semantic state editing for private edge-cloud inference in SLMs

  • Feifan Wang,
  • Delong Li,
  • Baihe Ma,
  • Xu Wang,
  • Chen Li,
  • Xuelei Qi,
  • Yang Zhang,
  • Kewei Sha,
  • Haihua Chen,
  • Guangsheng Yu

摘要

Edge-cloud collaborative inference in small language models offloads intermediate latent representations to bypass on-device computational bottlenecks. However, this transparent transmission exposes sensitive user attributes to latent-space inference attacks. In this paper, to effectively protect latent states during transmission, we propose Selective Semantic State Editing (SSSE), an inference-time privacy mechanism that intervenes exclusively at the offload boundary. Our framework first employs a learnable risk scorer to identify privacy-sensitive token-level latent states, then constructs on-device semantic alternatives by combining an input-conditioned local reservoir with a static prototype cache, and finally performs risk-aware selective latent state editing to suppress sensitive-attribute leakage while preserving task-relevant information. Experimental results show that SSSE provides a favorable privacy–utility balance. On the topic classification task, SSSE achieves an accuracy of 0.4691 and a macro-F1 of 0.1890, incurring only a 0.0030 macro-F1 drop from baseline. Meanwhile, SSSE reduces attack macro-F1 from 0.6539 to 0.6288 on gender, and from 0.5403 to 0.5053 on age-group. The ablation results further verify the effectiveness of the risk scorer and candidate construction. Deployment overhead study finds that SSSE introduces a practical privacy-intervention overhead of approximately 2.8 ms/sample. Our work demonstrates the practical potential of selective semantic state editing for privacy-preserving edge-cloud inference.