English
Related papers

Related papers: Trusted Weights, Treacherous Optimizations? Optimi…

200 papers

Generative large language models (LLMs) have achieved state-of-the-art results on a wide range of tasks, yet they remain susceptible to backdoor attacks: carefully crafted triggers in the input can manipulate the model to produce…

Artificial Intelligence · Computer Science 2025-05-20 Yige Li , Hanxun Huang , Yunhan Zhao , Xingjun Ma , Jun Sun

Federated learning allows multiple participants to collaboratively train a central model without sharing their private data. However, this distributed nature also exposes new attack surfaces. In particular, backdoor attacks allow attackers…

Machine Learning · Computer Science 2025-09-24 Zhaoxin Wang , Handing Wang , Cong Tian , Yaochu Jin

As powerful Large Language Models (LLMs) are now widely used for numerous practical applications, their safety is of critical importance. While alignment techniques have significantly improved overall safety, LLMs remain vulnerable to…

Machine Learning · Computer Science 2024-10-28 Samuel Jacob Chacko , Sajib Biswas , Chashi Mahiul Islam , Fatema Tabassum Liza , Xiuwen Liu

Deep learning (DL) compilers are core infrastructure in modern DL systems, offering flexibility and scalability beyond vendor-specific libraries. This work uncovers a fundamental vulnerability in their design: can an official, unmodified…

Cryptography and Security · Computer Science 2025-10-28 Simin Chen , Jinjun Peng , Yixin He , Junfeng Yang , Baishakhi Ray

Backdoor attacks pose a serious threat to the secure deployment of large language models (LLMs), enabling adversaries to implant hidden behaviors triggered by specific inputs. However, existing methods often rely on manually crafted…

Cryptography and Security · Computer Science 2025-11-24 Yige Li , Zhe Li , Wei Zhao , Nay Myat Min , Hanxun Huang , Xingjun Ma , Jun Sun

Large visual language models (LVLMs) have demonstrated excellent instruction-following capabilities, yet remain vulnerable to stealthy backdoor attacks when finetuned using contaminated data. Existing backdoor defense techniques are usually…

Cryptography and Security · Computer Science 2025-06-09 Yuan Xun , Siyuan Liang , Xiaojun Jia , Xinwei Liu , Xiaochun Cao

Recent studies have shown that Large Language Models (LLMs) are vulnerable to data poisoning attacks, where malicious training examples embed hidden behaviours triggered by specific input patterns. However, most existing works assume a…

Computation and Language · Computer Science 2025-10-10 Sanhanat Sivapiromrat , Caiqi Zhang , Marco Basaldella , Nigel Collier

Backdoors implanted in pre-trained language models (PLMs) can be transferred to various downstream tasks, which exposes a severe security threat. However, most existing backdoor attacks against PLMs are un-targeted and task-specific. Few…

Computation and Language · Computer Science 2024-12-20 Wei Du , Peixuan Li , Boqun Li , Haodong Zhao , Gongshen Liu

Early backdoor attacks against machine learning set off an arms race in attack and defence development. Defences have since appeared demonstrating some ability to detect backdoors in models or even remove them. These defences work by…

Machine Learning · Computer Science 2024-06-03 Eleanor Clifford , Ilia Shumailov , Yiren Zhao , Ross Anderson , Robert Mullins

The growing application of large language models (LLMs) in safety-critical domains has raised urgent concerns about their security. Many recent studies have demonstrated the feasibility of backdoor attacks against LLMs. However, existing…

Cryptography and Security · Computer Science 2026-04-24 Jiali Wei , Ming Fan , Guoheng Sun , Xicheng Zhang , Haijun Wang , Ting Liu

Large language models (LLMs) have achieved remarkable success across diverse applications but remain vulnerable to jailbreak attacks, where attackers craft prompts that bypass safety alignment and elicit unsafe responses. Among existing…

Computation and Language · Computer Science 2026-03-04 Zhi Xu , Jiaqi Li , Xiaotong Zhang , Hong Yu , Han Liu

We present a novel approach for attacking black-box large language models (LLMs) by exploiting their ability to express confidence in natural language. Existing black-box attacks require either access to continuous model outputs like logits…

Cryptography and Security · Computer Science 2025-10-21 Jie Zhang , Meng Ding , Yang Liu , Jue Hong , Florian Tramèr

We consider the problem of false data injection attacks modeled as additive disturbances in various parts of a general LTI feedback system and derive necessary and sufficient conditions for the existence of stealthy unbounded attacks. We…

Systems and Control · Computer Science 2017-07-19 Nabil H. Hirzallah , Petros G. Voulgaris

While effective backdoor detection and inversion schemes have been developed for AIs used e.g. for images, there are challenges in "porting" these methods to LLMs. First, the LLM input space is discrete, which precludes gradient-based…

Machine Learning · Computer Science 2025-09-22 Zhengxing Li , Guangmingmei Yang , Jayaram Raghuram , David J. Miller , George Kesidis

Backdoor attacks have been demonstrated as a security threat for machine learning models. Traditional backdoor attacks intend to inject backdoor functionality into the model such that the backdoored model will perform abnormally on inputs…

Machine Learning · Computer Science 2023-04-19 Jing Xu , Gorka Abad , Stjepan Picek

With the development of technology, large language models (LLMs) have dominated the downstream natural language processing (NLP) tasks. However, because of the LLMs' instruction-following abilities and inability to distinguish the…

Cryptography and Security · Computer Science 2025-10-07 Yulin Chen , Haoran Li , Yuan Sui , Yangqiu Song , Bryan Hooi

Recent studies show that neural natural language processing (NLP) models are vulnerable to backdoor attacks. Injected with backdoors, models perform normally on benign examples but produce attacker-specified predictions when the backdoor is…

Computation and Language · Computer Science 2021-06-14 Fanchao Qi , Yuan Yao , Sophia Xu , Zhiyuan Liu , Maosong Sun

Large Language Models (LLMs) can acquire deceptive behaviors through backdoor attacks, where the model executes prohibited actions whenever secret triggers appear in the input. Existing safety training methods largely fail to address this…

Cryptography and Security · Computer Science 2025-10-08 Guangyu Shen , Siyuan Cheng , Xiangzhe Xu , Yuan Zhou , Hanxi Guo , Zhuo Zhang , Xiangyu Zhang

Contrastive Learning (CL) has attracted enormous attention due to its remarkable capability in unsupervised representation learning. However, recent works have revealed the vulnerability of CL to backdoor attacks: the feature extractor…

Cryptography and Security · Computer Science 2024-04-12 Weiyu Sun , Xinyu Zhang , Hao Lu , Yingcong Chen , Ting Wang , Jinghui Chen , Lu Lin

During fine-tuning, large language models (LLMs) are increasingly vulnerable to data-poisoning backdoor attacks, which compromise their reliability and trustworthiness. However, existing defense strategies suffer from limited…

Cryptography and Security · Computer Science 2025-10-13 Shuai Zhao , Xinyi Wu , Shiqian Zhao , Xiaobao Wu , Zhongliang Guo , Yanhao Jia , Anh Tuan Luu