{"id":"https://openalex.org/W4385562573","doi":"https://doi.org/10.1145/3580305.3599395","title":"Investigating Trojan Attacks on Pre-trained Language Model-powered Database Middleware","display_name":"Investigating Trojan Attacks on Pre-trained Language Model-powered Database Middleware","publication_year":2023,"publication_date":"2023-08-04","ids":{"openalex":"https://openalex.org/W4385562573","doi":"https://doi.org/10.1145/3580305.3599395"},"language":"en","primary_location":{"id":"doi:10.1145/3580305.3599395","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3580305.3599395","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 29th ACM SIGKDD Conference on Knowledge Discovery and Data Mining","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079721189","display_name":"Peiran Dong","orcid":"https://orcid.org/0000-0002-1129-9218"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":true,"raw_author_name":"Peiran Dong","raw_affiliation_strings":["Hong Kong Polytechnic University, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"Hong Kong Polytechnic University, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043464306","display_name":"Song Guo","orcid":"https://orcid.org/0000-0001-9831-2202"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Song Guo","raw_affiliation_strings":["Hong Kong Polytechnic University, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"Hong Kong Polytechnic University, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5011648324","display_name":"Junxiao Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I71920554","display_name":"King Abdullah University of Science and Technology","ror":"https://ror.org/01q3tbs38","country_code":"SA","type":"education","lineage":["https://openalex.org/I71920554"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Junxiao Wang","raw_affiliation_strings":["King Abdullah University of Science and Technology, Thuwal, Saudi Arabia"],"affiliations":[{"raw_affiliation_string":"King Abdullah University of Science and Technology, Thuwal, Saudi Arabia","institution_ids":["https://openalex.org/I71920554"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5079721189"],"corresponding_institution_ids":["https://openalex.org/I14243506"],"apc_list":null,"apc_paid":null,"fwci":0.6913,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.75484885,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"437","last_page":"447"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.991599977016449,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.991599977016449,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10028","display_name":"Topic Modeling","score":0.9524999856948853,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.944100022315979,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/trojan","display_name":"Trojan","score":0.9582356214523315},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8099092841148376},{"id":"https://openalex.org/keywords/middleware","display_name":"Middleware (distributed applications)","score":0.8089694976806641},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.553366482257843},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.48738032579421997},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4575052261352539},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.08063575625419617}],"concepts":[{"id":"https://openalex.org/C174333608","wikidata":"https://www.wikidata.org/wiki/Q19635","display_name":"Trojan","level":2,"score":0.9582356214523315},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8099092841148376},{"id":"https://openalex.org/C169468491","wikidata":"https://www.wikidata.org/wiki/Q146923","display_name":"Middleware (distributed applications)","level":2,"score":0.8089694976806641},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.553366482257843},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.48738032579421997},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4575052261352539},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.08063575625419617},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3580305.3599395","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3580305.3599395","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 29th ACM SIGKDD Conference on Knowledge Discovery and Data Mining","raw_type":"proceedings-article"},{"id":"pmh:oai:repository.hkust.edu.hk:1783.1-131649","is_oa":false,"landing_page_url":"http://repository.hkust.edu.hk/ir/Record/1783.1-131649","pdf_url":null,"source":{"id":"https://openalex.org/S4306401796","display_name":"Rare & Special e-Zone (The Hong Kong University of Science and Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I200769079","host_organization_name":"Hong Kong University of Science and Technology","host_organization_lineage":["https://openalex.org/I200769079"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference paper"},{"id":"pmh:oai:repository.kaust.edu.sa:10754/693486","is_oa":false,"landing_page_url":"http://hdl.handle.net/10754/693486","pdf_url":null,"source":{"id":"https://openalex.org/S4306401596","display_name":"King Abdullah University of Science and Technology Repository (King Abdullah University of Science and Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I71920554","host_organization_name":"King Abdullah University of Science and Technology","host_organization_lineage":["https://openalex.org/I71920554"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference Paper"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4300000071525574,"display_name":"Quality Education","id":"https://metadata.un.org/sdg/4"}],"awards":[{"id":"https://openalex.org/G3017900995","display_name":null,"funder_award_id":"JCYJ20200109142008673","funder_id":"https://openalex.org/F4320326705","funder_display_name":"Science, Technology and Innovation Commission of Shenzhen Municipality"},{"id":"https://openalex.org/G3802291057","display_name":null,"funder_award_id":"R5060-19","funder_id":"https://openalex.org/F4320307285","funder_display_name":"Impact Fund"}],"funders":[{"id":"https://openalex.org/F4320307285","display_name":"Impact Fund","ror":"https://ror.org/00jb20j87"},{"id":"https://openalex.org/F4320326705","display_name":"Science, Technology and Innovation Commission of Shenzhen Municipality","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W1566289585","https://openalex.org/W2194775991","https://openalex.org/W2798649495","https://openalex.org/W2890431379","https://openalex.org/W2930957955","https://openalex.org/W2945883855","https://openalex.org/W2963026768","https://openalex.org/W2963899988","https://openalex.org/W2979826702","https://openalex.org/W3014705052","https://openalex.org/W3035140194","https://openalex.org/W3035367371","https://openalex.org/W3047587361","https://openalex.org/W3084740534","https://openalex.org/W3100405174","https://openalex.org/W3109409894","https://openalex.org/W3123375411","https://openalex.org/W3154581591","https://openalex.org/W3167002899","https://openalex.org/W3174836606","https://openalex.org/W3175052694","https://openalex.org/W3176270593","https://openalex.org/W3176393001","https://openalex.org/W3196832521","https://openalex.org/W3212213895","https://openalex.org/W3213508244","https://openalex.org/W3214600982"],"related_works":["https://openalex.org/W4253721122","https://openalex.org/W1671033612","https://openalex.org/W4389527383","https://openalex.org/W4206524843","https://openalex.org/W2139923244","https://openalex.org/W2237899707","https://openalex.org/W576137284","https://openalex.org/W2116135171","https://openalex.org/W2057970756","https://openalex.org/W3124616678"],"abstract_inverted_index":{"The":[0,114,151],"recent":[1],"success":[2],"of":[3,16,40,54,90,142,155,159,172,192,198],"pre-trained":[4],"language":[5,23],"models":[6],"(PLMs)":[7],"such":[8],"as":[9,43],"BERT":[10],"has":[11,31],"resulted":[12],"in":[13,101,189,200],"the":[14,36,72,102,109,131,143,147,170,190,196],"development":[15],"various":[17],"beneficial":[18],"database":[19,82,103,116,201],"middlewares,":[20],"including":[21],"natural":[22],"query":[24],"interfaces":[25],"and":[26,56,178,182],"entity":[27],"matching.":[28],"This":[29,69],"shift":[30],"been":[32],"greatly":[33],"facilitated":[34],"by":[35,48,76,130],"extensive":[37],"external":[38],"knowledge":[39],"PLMs.":[41],"However,":[42],"PLMs":[44,78,199],"are":[45],"often":[46],"provided":[47],"untrusted":[49],"third":[50],"parties,":[51],"their":[52,183],"lack":[53],"standardization":[55],"regulation":[57],"poses":[58],"significant":[59],"security":[60,73],"risks":[61],"that":[62],"have":[63],"yet":[64],"to":[65,79,145],"be":[66],"fully":[67],"explored.":[68],"paper":[70],"investigates":[71],"threats":[74],"posed":[75],"malicious":[77],"these":[80,173],"emerging":[81],"middleware.":[83,104,202],"We":[84,167],"specifically":[85],"propose":[86],"a":[87,94,157],"novel":[88],"type":[89],"Trojan":[91,106,152,174],"attack,":[92],"where":[93],"maliciously":[95],"designed":[96],"PLM":[97],"causes":[98],"unexpected":[99],"behavior":[100],"These":[105],"attacks":[107,175],"possess":[108],"following":[110],"characteristics:":[111],"(1)":[112],"Triggerability:":[113],"Trojan-infected":[115],"middleware":[117],"will":[118,125],"function":[119],"normally":[120],"with":[121],"normal":[122],"input,":[123],"but":[124],"likely":[126],"malfunction":[127],"when":[128],"triggered":[129],"attacker.":[132],"(2)":[133],"Imperceptibility:":[134],"There":[135],"is":[136,153],"no":[137],"need":[138],"for":[139,195],"noticeable":[140],"modification":[141],"input":[144],"trigger":[146],"Trojan.":[148],"(3)":[149],"Generalizability:":[150],"capable":[154],"targeting":[156],"variety":[158],"downstream":[160],"tasks,":[161],"not":[162],"just":[163],"one":[164],"specific":[165],"task.":[166],"thoroughly":[168],"evaluate":[169],"impact":[171],"through":[176],"experiments":[177],"analyze":[179],"potential":[180],"countermeasures":[181],"limitations.":[184],"Our":[185],"findings":[186],"could":[187],"aid":[188],"creation":[191],"stronger":[193],"mechanisms":[194],"implementation":[197]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}