English
Related papers

Related papers: Context is the Key: Backdoor Attacks for In-Contex…

200 papers

The advent of Large Language Models (LLMs) has marked significant achievements in language processing and reasoning capabilities. Despite their advancements, LLMs face vulnerabilities to data poisoning attacks, where the adversary inserts…

Machine Learning · Computer Science 2025-05-30 Xiangyu Zhou , Yao Qiang , Saleh Zare Zade , Mohammad Amin Roshani , Prashant Khanduri , Douglas Zytko , Dongxiao Zhu

Backdoor attacks on reinforcement learning implant a backdoor in a victim agent's policy. Once the victim observes the trigger signal, it will switch to the abnormal mode and fail its task. Most of the attacks assume the adversary can…

Multiagent Systems · Computer Science 2022-11-22 Shuo Chen , Yue Qiu , Jie Zhang

This paper investigates how Backdoor Attacks are represented within Vision Transformers (ViTs). By assuming knowledge of the trigger, we identify a specific ``trigger direction'' in the model's activations that corresponds to the internal…

Computer Vision and Pattern Recognition · Computer Science 2026-03-12 Sengim Karayalcin , Marina Krcek , Pin-Yu Chen , Stjepan Picek

Backdoor attacks, in which a model behaves maliciously when given an attacker-specified trigger, pose a major security risk for practitioners who depend on publicly released language models. As a countermeasure, backdoor detection methods…

Computation and Language · Computer Science 2025-09-23 Jun Yan , Wenjie Jacky Mo , Xiang Ren , Robin Jia

Large language models have shown tremendous performance in a variety of tasks. In-context learning -- the ability to improve at a task after being provided with a number of demonstrations -- is seen as one of the main contributors to their…

Computation and Language · Computer Science 2023-05-23 Julian Coda-Forno , Marcel Binz , Zeynep Akata , Matthew Botvinick , Jane X. Wang , Eric Schulz

Backdoor attacks for neural code models have gained considerable attention due to the advancement of code intelligence. However, most existing works insert triggers into task-specific data for code-related downstream tasks, thereby limiting…

Cryptography and Security · Computer Science 2023-06-16 Yanzhou Li , Shangqing Liu , Kangjie Chen , Xiaofei Xie , Tianwei Zhang , Yang Liu

Backdoor attacks significantly compromise the security of large language models by triggering them to output specific and controlled content. Currently, triggers for textual backdoor attacks fall into two categories: fixed-token triggers…

Cryptography and Security · Computer Science 2025-04-01 Jingyi Zheng , Tianyi Hu , Tianshuo Cong , Xinlei He

Fine-tuning Large Language Models (LLMs) typically involves updating at least a few billions of parameters. A more parameter-efficient approach is Prompt Tuning (PT), which updates only a few learnable tokens, and differently, In-Context…

Computation and Language · Computer Science 2024-10-23 Tsachi Blau , Moshe Kimhi , Yonatan Belinkov , Alexander Bronstein , Chaim Baskin

Recent works have demonstrated that deep learning models are vulnerable to backdoor poisoning attacks, where these attacks instill spurious correlations to external trigger patterns or objects (e.g., stickers, sunglasses, etc.). We find…

Computer Vision and Pattern Recognition · Computer Science 2022-07-25 Tong Wu , Tianhao Wang , Vikash Sehwag , Saeed Mahloujifar , Prateek Mittal

In-context learning (ICL) has demonstrated remarkable success in large language models (LLMs) due to its adaptability and parameter-free nature. However, it also introduces a critical vulnerability to backdoor attacks, where adversaries can…

Machine Learning · Computer Science 2025-07-03 Zhiyao Ren , Siyuan Liang , Aishan Liu , Dacheng Tao

Generative large language models are crucial in natural language processing, but they are vulnerable to backdoor attacks, where subtle triggers compromise their behavior. Although backdoor attacks against LLMs are constantly emerging,…

Cryptography and Security · Computer Science 2025-02-27 Xuxu Liu , Siyuan Liang , Mengya Han , Yong Luo , Aishan Liu , Xiantao Cai , Zheng He , Dacheng Tao

In this work, we make two contributions towards understanding of in-context learning of linear models by transformers. First, we investigate the adversarial robustness of in-context learning in transformers to hijacking attacks -- a type of…

Machine Learning · Computer Science 2025-08-07 Usman Anwar , Johannes Von Oswald , Louis Kirsch , David Krueger , Spencer Frei

Large Language Models (LLMs) are known to be vulnerable to backdoor attacks, where triggers embedded in poisoned samples can maliciously alter LLMs' behaviors. In this paper, we move beyond attacking LLMs and instead examine backdoor…

Cryptography and Security · Computer Science 2025-02-18 Huaizhi Ge , Yiming Li , Qifan Wang , Yongfeng Zhang , Ruixiang Tang

"Induction heads" are attention heads that implement a simple algorithm to complete token sequences like [A][B] ... [A] -> [B]. In this work, we present preliminary and indirect evidence for a hypothesis that induction heads might…

Fine-tuning large pre-trained computer vision models is infeasible for resource-limited users. Visual prompt learning (VPL) has thus emerged to provide an efficient and flexible alternative to model fine-tuning through Visual Prompt as a…

Cryptography and Security · Computer Science 2023-10-12 Hai Huang , Zhengyu Zhao , Michael Backes , Yun Shen , Yang Zhang

In-context learning is a recent paradigm in natural language understanding, where a large pre-trained language model (LM) observes a test instance and a few training examples as its input, and directly decodes the output without any update…

Computation and Language · Computer Science 2022-05-10 Ohad Rubin , Jonathan Herzig , Jonathan Berant

Large language models (LLMs) have demonstrated superior performance compared to previous methods on various tasks, and often serve as the foundation models for many researches and services. However, the untrustworthy third-party LLMs may…

Cryptography and Security · Computer Science 2024-04-02 Hai Huang , Zhengyu Zhao , Michael Backes , Yun Shen , Yang Zhang

Machine learning is vulnerable to adversarial manipulation. Previous literature has demonstrated that at the training stage attackers can manipulate data and data sampling procedures to control model behaviour. A common attack goal is to…

Machine Learning · Computer Science 2022-06-17 Mikel Bober-Irizar , Ilia Shumailov , Yiren Zhao , Robert Mullins , Nicolas Papernot

Generative Large Language Models (LLMs) are capable of being in-context learners. However, the underlying mechanism of in-context learning (ICL) is still a major research question, and experimental research results about how models exploit…

Computation and Language · Computer Science 2025-02-11 Aliakbar Nafar , Kristen Brent Venable , Parisa Kordjamshidi

Multimodal contrastive learning models like CLIP have demonstrated remarkable vision-language alignment capabilities, yet their vulnerability to backdoor attacks poses critical security risks. Attackers can implant latent triggers that…

Cryptography and Security · Computer Science 2025-06-17 Mengyuan Sun , Yu Li , Yuchen Liu , Bo Du , Yunjie Ge