中文
相关论文

相关论文: Token-Level Generalization in LoRA Adapter Backdoo…

200 篇论文

Large Language Models (LLMs) can acquire deceptive behaviors through backdoor attacks, where the model executes prohibited actions whenever secret triggers appear in the input. Existing safety training methods largely fail to address this…

密码学与安全 · 计算机科学 2025-10-08 Guangyu Shen , Siyuan Cheng , Xiangzhe Xu , Yuan Zhou , Hanxi Guo , Zhuo Zhang , Xiangyu Zhang

Instruction tuning enhances large vision-language models (LVLMs) but increases their vulnerability to backdoor attacks due to their open design. Unlike prior studies in static settings, this paper explores backdoor attacks in LVLM…

计算机视觉与模式识别 · 计算机科学 2024-12-17 Siyuan Liang , Jiawei Liang , Tianyu Pang , Chao Du , Aishan Liu , Mingli Zhu , Xiaochun Cao , Dacheng Tao

Multimodal Large Language Models (MLLMs) have achieved remarkable success in cross-modal understanding and generation, yet their deployment is threatened by critical safety vulnerabilities. While prior works have demonstrated the…

密码学与安全 · 计算机科学 2026-04-22 Kun Wang , Cheng Qian , Miao Yu , Lilan Peng , Liang Lin , Jiaming Zhang , Tianyu Zhang , Yu Cheng , Yang Wang

During fine-tuning, large language models (LLMs) are increasingly vulnerable to data-poisoning backdoor attacks, which compromise their reliability and trustworthiness. However, existing defense strategies suffer from limited…

密码学与安全 · 计算机科学 2025-10-13 Shuai Zhao , Xinyi Wu , Shiqian Zhao , Xiaobao Wu , Zhongliang Guo , Yanhao Jia , Anh Tuan Luu

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, aka trojans. Backdoor attacks involve the insertion of triggers into…

软件工程 · 计算机科学 2024-03-06 Aftab Hussain , Md Rafiqul Islam Rabin , Navid Ayoobi , Mohammad Amin Alipour

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, aka trojans. Backdoor attacks involve the insertion of triggers into…

软件工程 · 计算机科学 2024-05-21 Aftab Hussain , Md Rafiqul Islam Rabin , Mohammad Amin Alipour

Backdoor attack introduces artificial vulnerabilities into the model by poisoning a subset of the training data via injecting triggers and modifying labels. Various trigger design strategies have been explored to attack text classifiers,…

计算与语言 · 计算机科学 2021-09-23 Zichao Li , Dheeraj Mekala , Chengyu Dong , Jingbo Shang

Backdoor attacks creating 'sleeper agents' in large language models (LLMs) pose significant safety risks. This study employs mechanistic interpretability to explore resulting internal structural differences. Comparing clean Qwen2.5-3B…

计算与语言 · 计算机科学 2025-08-25 Mohammed Abu Baker , Lakshmi Babu-Saheer

Generative large language models are crucial in natural language processing, but they are vulnerable to backdoor attacks, where subtle triggers compromise their behavior. Although backdoor attacks against LLMs are constantly emerging,…

密码学与安全 · 计算机科学 2025-02-27 Xuxu Liu , Siyuan Liang , Mengya Han , Yong Luo , Aishan Liu , Xiantao Cai , Zheng He , Dacheng Tao

Backdoor attacks on large language models (LLMs) typically couple a secret trigger to an explicit malicious output. We show that this explicit association is unnecessary for common LLMs. We introduce a compliance-only backdoor: supervised…

机器学习 · 计算机科学 2025-11-18 Yuting Tan , Yi Huang , Zhuo Li

Backdoor attacks embed malicious behaviors into Large Language Models (LLMs), enabling adversaries to trigger harmful outputs or bypass safety controls. However, the persistence of the implanted backdoors under user-driven post-deployment…

密码学与安全 · 计算机科学 2025-12-18 Jing Cui , Yufei Han , Jianbin Jiao , Junge Zhang

Backdoor attacks poison the training data, causing the model to behave normally on clean inputs but predict attacker-chosen labels when trigger patterns are embedded into the input samples. Defending against such attacks is highly…

密码学与安全 · 计算机科学 2026-04-28 Wei Guo , Maura Pintor , Ambra Demontis , Battista Biggio

We study whether low-rank spectral summaries of LoRA weight deltas can identify which fine-tuning objective was applied to a language model, and whether that geometric signal predicts downstream behavioral harm. In a pre-registered…

机器学习 · 计算机科学 2026-04-13 Roi Paul

Mainstream backdoor attacks on large language models (LLMs) typically set a fixed trigger in the input instance and specific responses for triggered queries. However, the fixed trigger setting (e.g., unusual words) may be easily detected by…

计算与语言 · 计算机科学 2025-01-09 Jiaming He , Wenbo Jiang , Guanyu Hou , Wenshu Fan , Rui Zhang , Hongwei Li

Recent studies have shown that Large Language Models (LLMs) are vulnerable to data poisoning attacks, where malicious training examples embed hidden behaviours triggered by specific input patterns. However, most existing works assume a…

计算与语言 · 计算机科学 2025-10-10 Sanhanat Sivapiromrat , Caiqi Zhang , Marco Basaldella , Nigel Collier

Backdoor attacks involve the injection of a limited quantity of poisoned examples containing triggers into the training dataset. During the inference stage, backdoor attacks can uphold a high level of accuracy for normal examples, yet when…

密码学与安全 · 计算机科学 2024-06-25 Hanfeng Xia , Haibo Hong , Ruili Wang

Low-rank adaptation (LoRA) is a parameter-efficient fine-tuning (PEFT) method widely used in large language models (LLMs). LoRA essentially describes the projection of an input space into a low-dimensional output space, with the…

计算与语言 · 计算机科学 2025-10-28 Shiwei Li , Xiandi Luo , Haozhao Wang , Xing Tang , Ziqiang Cui , Dugang Liu , Yuhua Li , Xiuqiang He , Ruixuan Li

Large visual language models (LVLMs) have demonstrated excellent instruction-following capabilities, yet remain vulnerable to stealthy backdoor attacks when finetuned using contaminated data. Existing backdoor defense techniques are usually…

密码学与安全 · 计算机科学 2025-06-09 Yuan Xun , Siyuan Liang , Xiaojun Jia , Xinwei Liu , Xiaochun Cao

Poison-only Clean-label Backdoor Attacks aim to covertly inject attacker-desired behavior into DNNs by merely poisoning the dataset without changing the labels. To effectively implant a backdoor, multiple \textbf{triggers} are proposed for…

密码学与安全 · 计算机科学 2025-10-08 Zhixiao Wu , Yao Lu , Jie Wen , Hao Sun , Qi Zhou , Guangming Lu

Current backdoor attacks against federated learning (FL) strongly rely on universal triggers or semantic patterns, which can be easily detected and filtered by certain defense mechanisms such as norm clipping, comparing parameter…

机器学习 · 计算机科学 2023-10-02 Yanqi Qiao , Dazhuang Liu , Congwen Chen , Rui Wang , Kaitai Liang