Saved in:
Bibliographic Details
Main Authors: Duan, Donghang, Zheng, Xu, He, Yuefeng, Mu, Chong, Cai, Leyi, Zhang, Lizong
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2512.06713
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918440283930624
author Duan, Donghang
Zheng, Xu
He, Yuefeng
Mu, Chong
Cai, Leyi
Zhang, Lizong
author_facet Duan, Donghang
Zheng, Xu
He, Yuefeng
Mu, Chong
Cai, Leyi
Zhang, Lizong
contents Current LLM-based frameworks for text anonymization usually rely on remote API services from powerful LLMs, which creates an inherent privacy paradox: users must disclose the raw data to untrusted third parties for guaranteed privacy preservation. Moreover, directly migrating current solutions to local small-scale models (LSMs) offers a suboptimal solution with severe utility collapse. Our work argues that this failure stems not merely from the capability deficits of LSMs, but significantly from the inherent irrationality of the greedy adversarial strategies employed by current state-of-the-art (SOTA) methods. To address this drawback, we propose Rational Localized Adversarial Anonymization (RLAA), a fully localized and training-free framework featuring an Attacker-Arbitrator-Anonymizer architecture. We model the anonymization process as a trade-off between Marginal Privacy Gain (MPG) and Marginal Utility Cost (MUC), demonstrating that greedy strategies tend to drift into an irrational state. Instead, RLAA introduces an arbitrator that acts as a rationality gatekeeper, validating the attacker's inference to filter out ghost leaks. This mechanism promotes a rational early-stopping criterion, and structurally prevents utility collapse. Extensive experiments on different benchmarks demonstrate that RLAA achieves a superior privacy-utility trade-off compared to strong baselines.
format Preprint
id arxiv_https___arxiv_org_abs_2512_06713
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Look Twice before You Leap: A Rational Framework for Localized Adversarial Anonymization
Duan, Donghang
Zheng, Xu
He, Yuefeng
Mu, Chong
Cai, Leyi
Zhang, Lizong
Cryptography and Security
Computation and Language
Current LLM-based frameworks for text anonymization usually rely on remote API services from powerful LLMs, which creates an inherent privacy paradox: users must disclose the raw data to untrusted third parties for guaranteed privacy preservation. Moreover, directly migrating current solutions to local small-scale models (LSMs) offers a suboptimal solution with severe utility collapse. Our work argues that this failure stems not merely from the capability deficits of LSMs, but significantly from the inherent irrationality of the greedy adversarial strategies employed by current state-of-the-art (SOTA) methods. To address this drawback, we propose Rational Localized Adversarial Anonymization (RLAA), a fully localized and training-free framework featuring an Attacker-Arbitrator-Anonymizer architecture. We model the anonymization process as a trade-off between Marginal Privacy Gain (MPG) and Marginal Utility Cost (MUC), demonstrating that greedy strategies tend to drift into an irrational state. Instead, RLAA introduces an arbitrator that acts as a rationality gatekeeper, validating the attacker's inference to filter out ghost leaks. This mechanism promotes a rational early-stopping criterion, and structurally prevents utility collapse. Extensive experiments on different benchmarks demonstrate that RLAA achieves a superior privacy-utility trade-off compared to strong baselines.
title Look Twice before You Leap: A Rational Framework for Localized Adversarial Anonymization
topic Cryptography and Security
Computation and Language
url https://arxiv.org/abs/2512.06713