Back to all available

SecureMed-LLM: A privacy-preserving framework for safeguarding clinical language models

agents-and-multi-agent-systems
artificial-intelligence
data-mining-and-machine-learning
natural-language-and-speech
security-and-privacy

Abstract

The rapid advancement of Large Language Models (LLMs) has accelerated applications of artificial intelligence (AI) in healthcare, yet their deployment introduces significant challenges, including model tampering, malicious interference, and patient privacy risks. For example, an adversarial perturbation of chest X-rays images can mislead diagnostic prediction, while prompt injection attacks may expose sensitive patient clinical information, posing serious to safe and trustworthy AI-driven care.

This work introduces SecureMed-LLM, a comprehensive framework for safeguarding LLMs in clinical environments through a multi-tiered defense strategy. The framework integrates (i) local data anonymization via the Med-Guard module, (ii) differential privacy training via DP-SGD coupled with medical compliance validation, and (iii) encrypted inference leveraging the Elliptic Curve Integrated Encryption Scheme (ECIES) with Curve25519.

SecureMed-LLM is evaluated on the OPEN-I Chest X-ray dataset, demonstrating strong resilience against adversarial attacks (e.g., FGSM, PGD) with minimal performance degradation (BLEU score > 0.63 under perturbation). Image anonymization with controlled noise preserves diagnostic utility (BLEU score = 0.70) while enhancing privacy, and differential privacy reduces membership inference attack success rates by 45%. Compared to state-of-the-art defense techniques, SecureMed-LLM improves robustness by 8-10% while reducing accuracy loss by approximately 5%, achieving a superior balance between privacy and utility.

Overall, these results showcase SecureMed-LLM as a practical and regulation-aligned pathway for deploying secure, privacy-preserving LLMs in modern clinical practice.

Ask to review this manuscript

Notes for potential reviewers

  • Volunteering is not a guarantee that you will be asked to review. There are many reasons: reviewers must be qualified, there should be no conflicts of interest, a minimum of two reviewers have already accepted an invitation, etc.
  • This is NOT OPEN peer review. The review is single-blind, and all recommendations are sent privately to the Academic Editor handling the manuscript. All reviews are published and reviewers can choose to sign their reviews.
  • What happens after volunteering? It may be a few days before you receive an invitation to review with further instructions. You will need to accept the invitation to then become an official referee for the manuscript. If you do not receive an invitation it is for one of many possible reasons as noted above.
  • PeerJ Computer Science does not judge submissions based on subjective measures such as novelty, impact or degree of advance. Effectively, reviewers are asked to comment on whether or not the submission is scientifically and technically sound and therefore deserves to join the scientific literature. Our Peer Review criteria can be found on the "Editorial Criteria" page - reviewers are specifically asked to comment on 3 broad areas: "Basic Reporting", "Experimental Design" and "Validity of the Findings".
  • Reviewers are expected to comment in a timely, professional, and constructive manner.
  • Until the article is published, reviewers must regard all information relating to the submission as strictly confidential.
  • When submitting a review, reviewers are given the option to "sign" their review (i.e. to associate their name with their comments). Otherwise, all review comments remain anonymous.
  • All reviews of published articles are published. This includes manuscript files, peer review comments, author rebuttals and revised materials.
  • Each time a decision is made by the Academic Editor, each reviewer will receive a copy of the Decision Letter (which will include the comments of all reviewers).

If you have any questions about submitting your review, please email us at [email protected].