[2509.05608] BinaryShield: Cross-Service Threat Intelligence in LLM Services using Privacy-Preserving Fingerprints

Computer Science > Cryptography and Security arXiv:2509.05608 (cs) [Submitted on 6 Sep 2025 (v1), last revised 28 Feb 2026 (this version, v2)] Title:BinaryShield: Cross-Service Threat Intelligence in LLM Services using Privacy-Preserving Fingerprints Authors:Waris Gill, Natalie Isak, Matthew Dressman View a PDF of the paper titled BinaryShield: Cross-Service Threat Intelligence in LLM Services using Privacy-Preserving Fingerprints, by Waris Gill and 1 other authors View PDF HTML (experimental) Abstract:The widespread deployment of LLMs across enterprise services has created a critical security blind spot. Organizations operate multiple LLM services handling billions of queries daily, yet regulatory compliance boundaries prevent these services from sharing threat intelligence about prompt injection attacks, the top security risk for LLMs. When an attack is detected in one service, the same threat may persist undetected in others for months, as privacy regulations prohibit sharing user prompts across compliance boundaries. We present BinaryShield, \emph{the first privacy-preserving threat intelligence system that enables secure sharing of attack fingerprints across compliance boundaries.} BinaryShield transforms suspicious prompts through a unique pipeline combining PII redaction, semantic embedding, binary quantization, and randomized response mechanism to potentially generate privacy-preserving fingerprints that preserve attack patterns while providing privacy. Our evaluat...