{"id":"https://openalex.org/W4404037751","doi":"https://doi.org/10.1109/allerton63246.2024.10735305","title":"Mitigating Backdoor Threats to Large Language Models: Advancement and Challenges","display_name":"Mitigating Backdoor Threats to Large Language Models: Advancement and Challenges","publication_year":2024,"publication_date":"2024-09-24","ids":{"openalex":"https://openalex.org/W4404037751","doi":"https://doi.org/10.1109/allerton63246.2024.10735305"},"language":"en","primary_location":{"id":"doi:10.1109/allerton63246.2024.10735305","is_oa":false,"landing_page_url":"https://doi.org/10.1109/allerton63246.2024.10735305","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 60th Annual Allerton Conference on Communication, Control, and Computing","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100611326","display_name":"Qin Liu","orcid":"https://orcid.org/0009-0000-8303-8757"},"institutions":[{"id":"https://openalex.org/I84218800","display_name":"University of California, Davis","ror":"https://ror.org/05rrcem69","country_code":"US","type":"education","lineage":["https://openalex.org/I84218800"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Qin Liu","raw_affiliation_strings":["University of California, Davis"],"affiliations":[{"raw_affiliation_string":"University of California, Davis","institution_ids":["https://openalex.org/I84218800"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029147424","display_name":"Wenjie Mo","orcid":null},"institutions":[{"id":"https://openalex.org/I84218800","display_name":"University of California, Davis","ror":"https://ror.org/05rrcem69","country_code":"US","type":"education","lineage":["https://openalex.org/I84218800"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wenjie Mo","raw_affiliation_strings":["University of California, Davis"],"affiliations":[{"raw_affiliation_string":"University of California, Davis","institution_ids":["https://openalex.org/I84218800"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100257890","display_name":"Terry Tong","orcid":null},"institutions":[{"id":"https://openalex.org/I84218800","display_name":"University of California, Davis","ror":"https://ror.org/05rrcem69","country_code":"US","type":"education","lineage":["https://openalex.org/I84218800"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Terry Tong","raw_affiliation_strings":["University of California, Davis"],"affiliations":[{"raw_affiliation_string":"University of California, Davis","institution_ids":["https://openalex.org/I84218800"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101890240","display_name":"Jiashu Xu","orcid":"https://orcid.org/0000-0001-6300-3629"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jiashu Xu","raw_affiliation_strings":["NVIDIA"],"affiliations":[{"raw_affiliation_string":"NVIDIA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100455805","display_name":"Fei Wang","orcid":"https://orcid.org/0000-0002-2212-3947"},"institutions":[{"id":"https://openalex.org/I1174212","display_name":"University of Southern California","ror":"https://ror.org/03taz7m60","country_code":"US","type":"education","lineage":["https://openalex.org/I1174212"]},{"id":"https://openalex.org/I2800817003","display_name":"Southern California University for Professional Studies","ror":"https://ror.org/058zz0t50","country_code":"US","type":"education","lineage":["https://openalex.org/I2800817003"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Fei Wang","raw_affiliation_strings":["University of Southern California"],"affiliations":[{"raw_affiliation_string":"University of Southern California","institution_ids":["https://openalex.org/I2800817003","https://openalex.org/I1174212"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005843046","display_name":"Chaowei Xiao","orcid":"https://orcid.org/0000-0002-7043-4926"},"institutions":[{"id":"https://openalex.org/I135310074","display_name":"University of Wisconsin\u2013Madison","ror":"https://ror.org/01y2jtd41","country_code":"US","type":"education","lineage":["https://openalex.org/I135310074"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chaowei Xiao","raw_affiliation_strings":["University of Wisconsin,Madison"],"affiliations":[{"raw_affiliation_string":"University of Wisconsin,Madison","institution_ids":["https://openalex.org/I135310074"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102861481","display_name":"Muhao Chen","orcid":"https://orcid.org/0000-0003-0118-3147"},"institutions":[{"id":"https://openalex.org/I84218800","display_name":"University of California, Davis","ror":"https://ror.org/05rrcem69","country_code":"US","type":"education","lineage":["https://openalex.org/I84218800"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Muhao Chen","raw_affiliation_strings":["University of California, Davis"],"affiliations":[{"raw_affiliation_string":"University of California, Davis","institution_ids":["https://openalex.org/I84218800"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5100611326"],"corresponding_institution_ids":["https://openalex.org/I84218800"],"apc_list":null,"apc_paid":null,"fwci":1.366,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.84728356,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10028","display_name":"Topic Modeling","score":0.4794999957084656,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10028","display_name":"Topic Modeling","score":0.4794999957084656,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9884287118911743},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6759119033813477},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4863772690296173}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9884287118911743},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6759119033813477},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4863772690296173}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/allerton63246.2024.10735305","is_oa":false,"landing_page_url":"https://doi.org/10.1109/allerton63246.2024.10735305","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 60th Annual Allerton Conference on Communication, Control, and Computing","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7200000286102295,"id":"https://metadata.un.org/sdg/4","display_name":"Quality Education"}],"awards":[{"id":"https://openalex.org/G6584218474","display_name":null,"funder_award_id":"HR00112490370","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"}],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":110,"referenced_works":["https://openalex.org/W2807363941","https://openalex.org/W2970078867","https://openalex.org/W2973217491","https://openalex.org/W2982756474","https://openalex.org/W2986013765","https://openalex.org/W2990270730","https://openalex.org/W3038046627","https://openalex.org/W3083045783","https://openalex.org/W3109409894","https://openalex.org/W3128663834","https://openalex.org/W3152758407","https://openalex.org/W3158487140","https://openalex.org/W3170572542","https://openalex.org/W3176270593","https://openalex.org/W3196731672","https://openalex.org/W3205696278","https://openalex.org/W3207360435","https://openalex.org/W3208328782","https://openalex.org/W4220780057","https://openalex.org/W4225080353","https://openalex.org/W4230172274","https://openalex.org/W4252979261","https://openalex.org/W4280510162","https://openalex.org/W4280586943","https://openalex.org/W4297253404","https://openalex.org/W4323655724","https://openalex.org/W4365511667","https://openalex.org/W4385571453","https://openalex.org/W4385571840","https://openalex.org/W4389518789","https://openalex.org/W4389519269","https://openalex.org/W4389523874","https://openalex.org/W4391696889","https://openalex.org/W4393065402","https://openalex.org/W4393976865","https://openalex.org/W4394673277","https://openalex.org/W4396897910","https://openalex.org/W4400121199","https://openalex.org/W4401042403","https://openalex.org/W4401042463","https://openalex.org/W4401042660","https://openalex.org/W4401042705","https://openalex.org/W4401042878","https://openalex.org/W4401042972","https://openalex.org/W4401043416","https://openalex.org/W4401043945","https://openalex.org/W4401438376","https://openalex.org/W4402264526","https://openalex.org/W4402671722","https://openalex.org/W4402671843","https://openalex.org/W4403577319","https://openalex.org/W6729842900","https://openalex.org/W6743581629","https://openalex.org/W6755207826","https://openalex.org/W6759579507","https://openalex.org/W6767182473","https://openalex.org/W6769627184","https://openalex.org/W6770046844","https://openalex.org/W6771462474","https://openalex.org/W6778883912","https://openalex.org/W6779617750","https://openalex.org/W6779919683","https://openalex.org/W6791576469","https://openalex.org/W6792327856","https://openalex.org/W6796581206","https://openalex.org/W6802269988","https://openalex.org/W6802669662","https://openalex.org/W6802862418","https://openalex.org/W6809583738","https://openalex.org/W6810081322","https://openalex.org/W6810296985","https://openalex.org/W6838562696","https://openalex.org/W6847307017","https://openalex.org/W6849638892","https://openalex.org/W6851868237","https://openalex.org/W6851880694","https://openalex.org/W6852289817","https://openalex.org/W6852368700","https://openalex.org/W6852723045","https://openalex.org/W6854437940","https://openalex.org/W6855083434","https://openalex.org/W6855173278","https://openalex.org/W6855469472","https://openalex.org/W6855873836","https://openalex.org/W6857066902","https://openalex.org/W6857626974","https://openalex.org/W6858250622","https://openalex.org/W6858691305","https://openalex.org/W6859173201","https://openalex.org/W6860318346","https://openalex.org/W6860616875","https://openalex.org/W6861292197","https://openalex.org/W6861356901","https://openalex.org/W6861883325","https://openalex.org/W6861996551","https://openalex.org/W6862794917","https://openalex.org/W6863083980","https://openalex.org/W6863097404","https://openalex.org/W6863208875","https://openalex.org/W6869049278","https://openalex.org/W6869097575","https://openalex.org/W6869106475","https://openalex.org/W6869209932","https://openalex.org/W6870145265","https://openalex.org/W6870688052","https://openalex.org/W6872230664","https://openalex.org/W6873148494","https://openalex.org/W6873575460","https://openalex.org/W6873932616","https://openalex.org/W6878353227"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W4320031223","https://openalex.org/W4200629851","https://openalex.org/W4281902577","https://openalex.org/W4309417370","https://openalex.org/W4292107232","https://openalex.org/W3009072493","https://openalex.org/W4401407399"],"abstract_inverted_index":{"The":[0],"advancement":[1,130],"of":[2,40,54,114],"Large":[3],"Language":[4],"Models":[5],"(LLMs)":[6],"has":[7],"significantly":[8],"impacted":[9],"various":[10],"domains,":[11],"including":[12],"Web":[13],"search,":[14],"healthcare,":[15],"and":[16,81,98,127,134],"software":[17],"development.":[18],"However,":[19],"as":[20,91],"these":[21,89,150],"models":[22],"scale,":[23],"they":[24,92],"become":[25],"more":[26],"vulnerable":[27],"to":[28,58,118,141],"cybersecurity":[29],"risks,":[30],"particularly":[31],"backdoor":[32,67,116,139],"attacks.":[33],"By":[34],"exploiting":[35],"the":[36,65,71],"potent":[37],"memorization":[38],"capacity":[39],"LLMs,":[41],"adversaries":[42],"can":[43],"easily":[44],"inject":[45],"backdoors":[46],"into":[47],"LLMs":[48,119],"by":[49,70],"manipulating":[50],"a":[51,111],"small":[52],"portion":[53],"training":[55],"data,":[56],"leading":[57],"malicious":[59],"behaviors":[60],"in":[61,131,148],"downstream":[62],"applications":[63],"whenever":[64],"hidden":[66],"is":[68],"activated":[69],"pre-defined":[72],"triggers.":[73],"Moreover,":[74],"emerging":[75,115],"learning":[76,83],"paradigms":[77],"like":[78],"instruction":[79],"tuning":[80],"reinforcement":[82],"from":[84],"human":[85,99],"feedback":[86],"(RLHF)":[87],"exacerbate":[88],"risks":[90],"rely":[93],"heavily":[94],"on":[95],"crowdsourced":[96],"data":[97],"feedback,":[100],"which":[101],"are":[102],"not":[103],"fully":[104],"controlled.":[105],"In":[106],"this":[107],"paper,":[108],"we":[109],"present":[110],"comprehensive":[112],"survey":[113],"threats":[117,140],"that":[120],"appear":[121],"during":[122],"LLM":[123],"development":[124],"or":[125],"inference,":[126],"cover":[128],"recent":[129],"both":[132],"defense":[133],"detection":[135],"strategies":[136],"for":[137,154],"mitigating":[138],"LLMs.":[142],"We":[143],"also":[144],"outline":[145],"key":[146],"challenges":[147],"addressing":[149],"threats,":[151],"highlighting":[152],"areas":[153],"future":[155],"research.":[156]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}