Multi-Agent Systems (MAS) with large language models (LLMs) enable personalized education but risk leaking minors personally identifiable information (PII) via unstructured dialogue. Existing privacy methods struggle to balance security and utility: role-based access control fails on unstructured text, while naive masking destroys pedagogical context. We propose SRPG, a privacy guard for educational MAS, using a Dual-Stream Reconstruction Mechanism: a strict sanitization stream ensures zero PII leakage, and a context reconstruction stream (LLM driven) recovers mathematical logic. This decouples instructional content from private data, preserving teaching efficacy. Tests on MathDial show SRPG works across models; with GPT-4o, it achieves 0.0000 Attack Success Rate (ASR) (zero leakage) and 0.8267 Exact Match, far outperforming the zero trust Pure LLM baseline (0.2138). SRPG effectively protects minors privacy without sacrificing mathematical instructional quality.
翻译:基于大语言模型(LLMs)的多智能体系统(MAS)能够实现个性化教育,但存在通过非结构化对话泄露未成年人个人身份信息(PII)的风险。现有隐私保护方法难以在安全性与实用性之间取得平衡:基于角色的访问控制无法有效处理非结构化文本,而简单的掩码处理则会破坏教学上下文。我们提出SRPG,一种面向教育多智能体系统的隐私守卫,采用双流重构机制:严格的净化流确保零PII泄露,上下文重构流(由LLM驱动)则恢复数学逻辑。该方法将教学内容与私人数据解耦,从而保持教学效果。在MathDial数据集上的测试表明,SRPG在不同模型上均有效;使用GPT-4o时,其攻击成功率(ASR)为0.0000(零泄露),精确匹配率达到0.8267,远优于零信任纯LLM基线(0.2138)。SRPG在有效保护未成年人隐私的同时,未牺牲数学教学质量。
相关内容
微信扫码咨询专知VIP会员