English
Related papers

Related papers: The Trigger in the Haystack: Extracting and Recons…

200 papers

Backdoor attack introduces artificial vulnerabilities into the model by poisoning a subset of the training data via injecting triggers and modifying labels. Various trigger design strategies have been explored to attack text classifiers,…

Computation and Language · Computer Science 2021-09-23 Zichao Li , Dheeraj Mekala , Chengyu Dong , Jingbo Shang

Backdoor attacks are a kind of insidious security threat against machine learning models. After being injected with a backdoor in training, the victim model will produce adversary-specified outputs on the inputs embedded with predesigned…

Computation and Language · Computer Science 2021-06-04 Fanchao Qi , Mukai Li , Yangyi Chen , Zhengyan Zhang , Zhiyuan Liu , Yasheng Wang , Maosong Sun

Deep neural networks are vulnerable to a range of adversaries. A particularly pernicious class of vulnerabilities are backdoors, where model predictions diverge in the presence of subtle triggers in inputs. An attacker can implant a…

Machine Learning · Computer Science 2022-12-20 Goutham Ramakrishnan , Aws Albarghouthi

With the prosperity of large language models (LLMs), powerful LLM-based intelligent agents have been developed to provide customized services with a set of user-defined tools. State-of-the-art methods for constructing LLM agents adopt…

Computation and Language · Computer Science 2024-06-06 Yifei Wang , Dizhan Xue , Shengjie Zhang , Shengsheng Qian

Large language model (LLM) agents execute tasks through multi-step workflows that combine planning, memory, and tool use. While this design enables autonomy, it also expands the attack surface for backdoor threats. Backdoor triggers…

Artificial Intelligence · Computer Science 2026-01-13 Yunhao Feng , Yige Li , Yutao Wu , Yingshui Tan , Yanming Guo , Yifan Ding , Kun Zhai , Xingjun Ma , Yu-Gang Jiang

Deep neural networks are vulnerable to adversarial attacks, such as backdoor attacks in which a malicious adversary compromises a model during training such that specific behaviour can be triggered at test time by attaching a specific word…

Cryptography and Security · Computer Science 2022-10-21 You Guo , Jun Wang , Trevor Cohn

Semantic communication systems, which leverage Generative AI (GAI) to transmit semantic meaning rather than raw data, are poised to revolutionize modern communications. However, they are vulnerable to backdoor attacks, a type of poisoning…

Cryptography and Security · Computer Science 2025-02-07 Ziyang Wei , Yili Jiang , Jiaqi Huang , Fangtian Zhong , Sohan Gyawali

Trojan backdoors can be injected into large language models at various stages, including pretraining, fine-tuning, and in-context learning, posing a significant threat to the model's alignment. Due to the nature of causal language modeling,…

Computation and Language · Computer Science 2025-01-22 Vedant Bhasin , Matthew Yudin , Razvan Stefanescu , Rauf Izmailov

Backdoors and poisoning attacks are a major threat to the security of machine-learning and vision systems. Often, however, these attacks leave visible artifacts in the images that can be visually detected and weaken the efficacy of the…

Cryptography and Security · Computer Science 2020-03-20 Erwin Quiring , Konrad Rieck

Stealthy data poisoning during fine-tuning can backdoor large language models (LLMs), threatening downstream safety. Existing detectors either use classifier-style probability signals--ill-suited to generation--or rely on rewriting, which…

Computation and Language · Computer Science 2025-11-13 Jinwen Chen , Hainan Zhang , Fei Sun , Qinnan Zhang , Sijia Wen , Ziwei Wang , Zhiming Zheng

Tool-use large language model (LLM) agents are increasingly deployed to support sensitive workflows, relying on tool calls for retrieval, external API access, and session memory management. While prior research has examined various threats,…

Cryptography and Security · Computer Science 2026-04-08 Wuyang Zhang , Shichao Pei

In the field of natural language processing, the prevalent approach involves fine-tuning pretrained language models (PLMs) using local samples. Recent research has exposed the susceptibility of PLMs to backdoor attacks, wherein the…

Machine Learning · Computer Science 2023-10-31 Ruixiang Tang , Jiayi Yuan , Yiming Li , Zirui Liu , Rui Chen , Xia Hu

Large Language Models (LLMs), which bridge the gap between human language understanding and complex problem-solving, achieve state-of-the-art performance on several NLP tasks, particularly in few-shot and zero-shot settings. Despite the…

Cryptography and Security · Computer Science 2025-01-07 Shuai Zhao , Meihuizi Jia , Zhongliang Guo , Leilei Gan , Xiaoyu Xu , Xiaobao Wu , Jie Fu , Yichao Feng , Fengjun Pan , Luu Anh Tuan

The widespread adoption of Large Language Models (LLMs) in critical applications has introduced severe reliability and security risks, as LLMs remain vulnerable to notorious threats such as hallucinations, jailbreak attacks, and backdoor…

Cryptography and Security · Computer Science 2026-04-07 Shide Zhou , Kailong Wang , Ling Shi , Haoyu Wang

As AI agents become integral to enterprise workflows, their reliance on shared tool libraries and pre-trained components creates significant supply chain vulnerabilities. While previous work has demonstrated behavioral backdoor detection…

Cryptography and Security · Computer Science 2025-11-26 Arun Chowdary Sanna

Retrieval-Augmented Generation (RAG) systems have emerged as a promising solution to mitigate LLM hallucinations and enhance their performance in knowledge-intensive domains. However, these systems are vulnerable to adversarial poisoning…

Information Retrieval · Computer Science 2025-07-29 Jinyan Su , Jin Peng Zhou , Zhengxin Zhang , Preslav Nakov , Claire Cardie

Deep learning models are vulnerable to various adversarial manipulations of their training data, parameters, and input sample. In particular, an adversary can modify the training data and model parameters to embed backdoors into the model,…

Machine Learning · Computer Science 2020-06-09 Te Juin Lester Tan , Reza Shokri

Large Language Models (LLMs) have become integral to many applications, with system prompts serving as a key mechanism to regulate model behavior and ensure ethical outputs. In this paper, we introduce a novel backdoor attack that…

Cryptography and Security · Computer Science 2024-10-08 Lu Yan , Siyuan Cheng , Xuan Chen , Kaiyuan Zhang , Guangyu Shen , Zhuo Zhang , Xiangyu Zhang

Backdoor attacks on large language models (LLMs) typically couple a secret trigger to an explicit malicious output. We show that this explicit association is unnecessary for common LLMs. We introduce a compliance-only backdoor: supervised…

Machine Learning · Computer Science 2025-11-18 Yuting Tan , Yi Huang , Zhuo Li

Vision Language Models (VLMs) have shown remarkable performance, but are also vulnerable to backdoor attacks whereby the adversary can manipulate the model's outputs through hidden triggers. Prior attacks primarily rely on single-modality…

Computer Vision and Pattern Recognition · Computer Science 2025-06-10 Zhiyuan Zhong , Zhen Sun , Yepang Liu , Xinlei He , Guanhong Tao