Real-time web content scraping by large language models (LLMs) poses significant threats to online intellectual property rights. Method: This paper proposes a proactive defense framework leveraging the LLM’s intrinsic semantic understanding capabilities. It introduces a novel closed-loop “semantic-to-semantic” defense paradigm, integrating semantic-aware adversarial prompting, dynamic response generation, black-box gradient approximation optimization, and LLM retrieval behavior modeling to enable creator-defined, content-level access control. Contribution/Results: Unlike conventional rule-based or configuration-driven approaches, our method requires no model modification or external policy rules. Evaluated across multiple mainstream LLMs, it elevates defense success rates from 2.5% to 88.6%, effectively addressing the black-box optimization challenge. The framework is deployable, interpretable, and customizable—offering a practical, principled solution for web content copyright protection.

Protecting cyber Intellectual Property (IP) such as web content is an increasingly critical concern. The rise of large language models (LLMs) with online retrieval capabilities presents a double-edged sword that enables convenient access to information but often undermines the rights of original content creators. As users increasingly rely on LLM-generated responses, they gradually diminish direct engagement with original information sources, significantly reducing the incentives for IP creators to contribute, and leading to a saturating cyberspace with more AI-generated content. In response, we propose a novel defense framework that empowers web content creators to safeguard their web-based IP from unauthorized LLM real-time extraction by leveraging the semantic understanding capability of LLMs themselves. Our method follows principled motivations and effectively addresses an intractable black-box optimization problem. Real-world experiments demonstrated that our methods improve defense success rates from 2.5% to 88.6% on different LLMs, outperforming traditional defenses such as configuration-based restrictions.