English

Targeted Bit-Flip Attacks on LLM-Based Agents

Cryptography and Security 2026-03-12 v1 Artificial Intelligence

Abstract

Targeted bit-flip attacks (BFAs) exploit hardware faults to manipulate model parameters, posing a significant security threat. While prior work targets single-step inference models (e.g., image classifiers), LLM-based agents with multi-stage pipelines and external tools present new attack surfaces, which remain unexplored. This work introduces Flip-Agent, the first targeted BFA framework for LLM-based agents, manipulating both final outputs and tool invocations. Our experiments show that Flip-Agent significantly outperforms existing targeted BFAs on real-world agent tasks, revealing a critical vulnerability in LLM-based agent systems.

Keywords

Cite

@article{arxiv.2603.10042,
  title  = {Targeted Bit-Flip Attacks on LLM-Based Agents},
  author = {Jialai Wang and Ya Wen and Zhongmou Liu and Yuxiao Wu and Bingyi He and Zongpeng Li and Ee-Chien Chang},
  journal= {arXiv preprint arXiv:2603.10042},
  year   = {2026}
}

Comments

To appear in DAC 2026 (Design Automation Conference)

R2 v1 2026-07-01T11:13:35.341Z