| (英) |
With the rapid advancements in big AI models such as text and image generation models, numerous web services have begun leveraging these state-of-the-art technologies for various applications. However, there are privacy concerns such as eavesdropping and data leakage over communication networks because both the input prompt and output content of generative AI models may contain privacy-sensitive or confidential information. This study proposes $Lambda$-Split: a triadic split computing (SC) framework that splits a generative AI model or generation pipeline into three sub-models: the head model in the edge devices such as personal computers or smartphones, the body model in the cloud server, and the tail model back in the edge device again. Notably, $Lambda$-Split transmits only the hidden layer output vector of the neural network (NN) between the edge and cloud, thereby offering a more secure alternative to transmitting raw input and output data thanks to the black-box characteristic of NNs. Thus, $Lambda$-Split enables the utilization of the computational power of the cloud and computational load distribution to the edge, without exposing the raw data external to the edge. Furthermore, $Lambda$-Split is orthogonal to conventional encryption-based techniques and can enhance security when used in tandem. We validate the $Lambda$-Split framework using Llama 2, a large language model (LLM) for text generation developed from Meta, and Stable Diffusion XL, a latent diffusion model (LDM) for image generation developed from Stability AI. Our implementation of $Lambda$-Split is available in https://github.com/nishio-laboratory/lambda_split. |