English

SteganoBackdoor: Stealthy and Data-Efficient Backdoor Attacks on Language Models

Cryptography and Security 2026-01-06 v3 Computation and Language Machine Learning

Abstract

Modern language models remain vulnerable to backdoor attacks via poisoned data, where training inputs containing a trigger are paired with a target output, causing the model to reproduce that behavior whenever the trigger appears at inference time. Recent work has emphasized stealthy attacks that stress-test data-curation defenses using stylized artifacts or token-level perturbations as triggers, but this focus leaves a more practically relevant threat model underexplored: backdoors tied to naturally occurring semantic concepts. We introduce SteganoBackdoor, an optimization-based framework that constructs SteganoPoisons, steganographic poisoned training examples in which a backdoor payload is distributed across a fluent sentence while exhibiting no representational overlap with the inference-time semantic trigger. Across diverse model architectures, SteganoBackdoor achieves high attack success under constrained poisoning budgets and remains effective under conservative data-level filtering, highlighting a blind spot in existing data-curation defenses.

Keywords

Cite

@article{arxiv.2511.14301,
  title  = {SteganoBackdoor: Stealthy and Data-Efficient Backdoor Attacks on Language Models},
  author = {Eric Xue and Ruiyi Zhang and Pengtao Xie},
  journal= {arXiv preprint arXiv:2511.14301},
  year   = {2026}
}
R2 v1 2026-07-01T07:42:54.204Z