English
Related papers

Related papers: Token-Level Generalization in LoRA Adapter Backdoo…

200 papers

Large Language Models (LLMs) can acquire deceptive behaviors through backdoor attacks, where the model executes prohibited actions whenever secret triggers appear in the input. Existing safety training methods largely fail to address this…

Cryptography and Security · Computer Science 2025-10-08 Guangyu Shen , Siyuan Cheng , Xiangzhe Xu , Yuan Zhou , Hanxi Guo , Zhuo Zhang , Xiangyu Zhang

Instruction tuning enhances large vision-language models (LVLMs) but increases their vulnerability to backdoor attacks due to their open design. Unlike prior studies in static settings, this paper explores backdoor attacks in LVLM…

Computer Vision and Pattern Recognition · Computer Science 2024-12-17 Siyuan Liang , Jiawei Liang , Tianyu Pang , Chao Du , Aishan Liu , Mingli Zhu , Xiaochun Cao , Dacheng Tao

Multimodal Large Language Models (MLLMs) have achieved remarkable success in cross-modal understanding and generation, yet their deployment is threatened by critical safety vulnerabilities. While prior works have demonstrated the…

Cryptography and Security · Computer Science 2026-04-22 Kun Wang , Cheng Qian , Miao Yu , Lilan Peng , Liang Lin , Jiaming Zhang , Tianyu Zhang , Yu Cheng , Yang Wang

During fine-tuning, large language models (LLMs) are increasingly vulnerable to data-poisoning backdoor attacks, which compromise their reliability and trustworthiness. However, existing defense strategies suffer from limited…

Cryptography and Security · Computer Science 2025-10-13 Shuai Zhao , Xinyi Wu , Shiqian Zhao , Xiaobao Wu , Zhongliang Guo , Yanhao Jia , Anh Tuan Luu

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, aka trojans. Backdoor attacks involve the insertion of triggers into…

Software Engineering · Computer Science 2024-03-06 Aftab Hussain , Md Rafiqul Islam Rabin , Navid Ayoobi , Mohammad Amin Alipour

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, aka trojans. Backdoor attacks involve the insertion of triggers into…

Software Engineering · Computer Science 2024-05-21 Aftab Hussain , Md Rafiqul Islam Rabin , Mohammad Amin Alipour

Backdoor attack introduces artificial vulnerabilities into the model by poisoning a subset of the training data via injecting triggers and modifying labels. Various trigger design strategies have been explored to attack text classifiers,…

Computation and Language · Computer Science 2021-09-23 Zichao Li , Dheeraj Mekala , Chengyu Dong , Jingbo Shang

Backdoor attacks creating 'sleeper agents' in large language models (LLMs) pose significant safety risks. This study employs mechanistic interpretability to explore resulting internal structural differences. Comparing clean Qwen2.5-3B…

Computation and Language · Computer Science 2025-08-25 Mohammed Abu Baker , Lakshmi Babu-Saheer

Generative large language models are crucial in natural language processing, but they are vulnerable to backdoor attacks, where subtle triggers compromise their behavior. Although backdoor attacks against LLMs are constantly emerging,…

Cryptography and Security · Computer Science 2025-02-27 Xuxu Liu , Siyuan Liang , Mengya Han , Yong Luo , Aishan Liu , Xiantao Cai , Zheng He , Dacheng Tao

Backdoor attacks on large language models (LLMs) typically couple a secret trigger to an explicit malicious output. We show that this explicit association is unnecessary for common LLMs. We introduce a compliance-only backdoor: supervised…

Machine Learning · Computer Science 2025-11-18 Yuting Tan , Yi Huang , Zhuo Li

Backdoor attacks embed malicious behaviors into Large Language Models (LLMs), enabling adversaries to trigger harmful outputs or bypass safety controls. However, the persistence of the implanted backdoors under user-driven post-deployment…

Cryptography and Security · Computer Science 2025-12-18 Jing Cui , Yufei Han , Jianbin Jiao , Junge Zhang

Backdoor attacks poison the training data, causing the model to behave normally on clean inputs but predict attacker-chosen labels when trigger patterns are embedded into the input samples. Defending against such attacks is highly…

Cryptography and Security · Computer Science 2026-04-28 Wei Guo , Maura Pintor , Ambra Demontis , Battista Biggio

We study whether low-rank spectral summaries of LoRA weight deltas can identify which fine-tuning objective was applied to a language model, and whether that geometric signal predicts downstream behavioral harm. In a pre-registered…

Machine Learning · Computer Science 2026-04-13 Roi Paul

Mainstream backdoor attacks on large language models (LLMs) typically set a fixed trigger in the input instance and specific responses for triggered queries. However, the fixed trigger setting (e.g., unusual words) may be easily detected by…

Computation and Language · Computer Science 2025-01-09 Jiaming He , Wenbo Jiang , Guanyu Hou , Wenshu Fan , Rui Zhang , Hongwei Li

Recent studies have shown that Large Language Models (LLMs) are vulnerable to data poisoning attacks, where malicious training examples embed hidden behaviours triggered by specific input patterns. However, most existing works assume a…

Computation and Language · Computer Science 2025-10-10 Sanhanat Sivapiromrat , Caiqi Zhang , Marco Basaldella , Nigel Collier

Backdoor attacks involve the injection of a limited quantity of poisoned examples containing triggers into the training dataset. During the inference stage, backdoor attacks can uphold a high level of accuracy for normal examples, yet when…

Cryptography and Security · Computer Science 2024-06-25 Hanfeng Xia , Haibo Hong , Ruili Wang

Low-rank adaptation (LoRA) is a parameter-efficient fine-tuning (PEFT) method widely used in large language models (LLMs). LoRA essentially describes the projection of an input space into a low-dimensional output space, with the…

Computation and Language · Computer Science 2025-10-28 Shiwei Li , Xiandi Luo , Haozhao Wang , Xing Tang , Ziqiang Cui , Dugang Liu , Yuhua Li , Xiuqiang He , Ruixuan Li

Large visual language models (LVLMs) have demonstrated excellent instruction-following capabilities, yet remain vulnerable to stealthy backdoor attacks when finetuned using contaminated data. Existing backdoor defense techniques are usually…

Cryptography and Security · Computer Science 2025-06-09 Yuan Xun , Siyuan Liang , Xiaojun Jia , Xinwei Liu , Xiaochun Cao

Poison-only Clean-label Backdoor Attacks aim to covertly inject attacker-desired behavior into DNNs by merely poisoning the dataset without changing the labels. To effectively implant a backdoor, multiple \textbf{triggers} are proposed for…

Cryptography and Security · Computer Science 2025-10-08 Zhixiao Wu , Yao Lu , Jie Wen , Hao Sun , Qi Zhou , Guangming Lu

Current backdoor attacks against federated learning (FL) strongly rely on universal triggers or semantic patterns, which can be easily detected and filtered by certain defense mechanisms such as norm clipping, comparing parameter…

Machine Learning · Computer Science 2023-10-02 Yanqi Qiao , Dazhuang Liu , Congwen Chen , Rui Wang , Kaitai Liang