ML Security PapersEAGER: Edge-Aligned LLM Defense for Robust, Efficient, and Accurate Cybersecurity Question Answering
Onat Gungor , Roshan Sood , Jiasheng Zhou , Tajana Rosing
Published on arXiv
2511.19523
Prompt Injection
OWASP LLM Top 10 — LLM01
Key Finding
Reduces adversarial attack success rates by up to 7.3x and improves QA accuracy by up to 55% over state-of-the-art defenses while achieving lowest latency on Jetson Orin
EAGER
Novel technique introduced
Large Language Models (LLMs) are highly effective for cybersecurity question answering (QA) but are difficult to deploy on edge devices due to their size. Quantization reduces memory and compute requirements but often degrades accuracy and increases vulnerability to adversarial attacks. We present EAGER, an edge-aligned defense framework that integrates parameter-efficient quantization with domain-specific preference alignment to jointly optimize efficiency, robustness, and accuracy. Unlike prior methods that address these aspects separately, EAGER leverages Quantized Low-Rank Adaptation (QLoRA) for low-cost fine-tuning and Direct Preference Optimization (DPO) on a self-constructed cybersecurity preference dataset, eliminating the need for human labels. Experiments show that EAGER reduces adversarial attack success rates by up to 7.3x and improves QA accuracy by up to 55% over state-of-the-art defenses, while achieving the lowest response latency on a Jetson Orin, demonstrating its practical edge deployment.
Key Contributions
- EAGER framework jointly optimizing robustness, accuracy, and efficiency for edge-deployed LLMs via QLoRA fine-tuning and DPO preference alignment
- Self-constructed cybersecurity preference dataset for label-free DPO training
- Practical edge deployment on Jetson Orin with lowest response latency while achieving up to 7.3x reduction in adversarial attack success rate