{"id":"https://openalex.org/W6944428772","doi":"https://doi.org/10.18420/btw2025-59","title":"Utilising Large Language Models for Adversarial Attacks in Text-to-SQL: A Perpetrator and Victim Approach","display_name":"Utilising Large Language Models for Adversarial Attacks in Text-to-SQL: A Perpetrator and Victim Approach","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W6944428772","doi":"https://doi.org/10.18420/btw2025-59"},"language":"en","primary_location":{"id":"doi:10.18420/btw2025-59","is_oa":true,"landing_page_url":"https://doi.org/10.18420/btw2025-59","pdf_url":null,"source":{"id":"https://openalex.org/S7407052918","display_name":"Gesellschaft f\u00fcr Informatik (GI)","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article-journal"},"type":"article","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.18420/btw2025-59","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Sahitaj, Ariana","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Sahitaj, Ariana","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":null,"display_name":"Nilles, Markus","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Nilles, Markus","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":null,"display_name":"Schenkel, Ralf","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Schenkel, Ralf","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":null,"display_name":"Schmitt, Vera","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Schmitt, Vera","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.20991371,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":true,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.4959999918937683,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.4959999918937683,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.08250000327825546,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10028","display_name":"Topic Modeling","score":0.0568000003695488,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.9437999725341797},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.5182999968528748},{"id":"https://openalex.org/keywords/language-model","display_name":"Language model","score":0.4544999897480011},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.36329999566078186},{"id":"https://openalex.org/keywords/data-modeling","display_name":"Data modeling","score":0.3562000095844269},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.3199000060558319}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.9437999725341797},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6468999981880188},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.5182999968528748},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5042999982833862},{"id":"https://openalex.org/C137293760","wikidata":"https://www.wikidata.org/wiki/Q3621696","display_name":"Language model","level":2,"score":0.4544999897480011},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3912000060081482},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.36329999566078186},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.3562000095844269},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3391000032424927},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.3199000060558319},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.31130000948905945},{"id":"https://openalex.org/C173483453","wikidata":"https://www.wikidata.org/wiki/Q1040689","display_name":"Synonym (taxonomy)","level":3,"score":0.3102000057697296},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.3084000051021576},{"id":"https://openalex.org/C3017944768","wikidata":"https://www.wikidata.org/wiki/Q1450463","display_name":"Poison control","level":2,"score":0.27489998936653137},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.27379998564720154},{"id":"https://openalex.org/C2777363581","wikidata":"https://www.wikidata.org/wiki/Q15098235","display_name":"Harm","level":2,"score":0.2599000036716461},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.2578999996185303},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.25690001249313354}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.18420/btw2025-59","is_oa":true,"landing_page_url":"https://doi.org/10.18420/btw2025-59","pdf_url":null,"source":{"id":"https://openalex.org/S7407052918","display_name":"Gesellschaft f\u00fcr Informatik (GI)","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"doi:10.18420/btw2025-59","is_oa":true,"landing_page_url":"https://doi.org/10.18420/btw2025-59","pdf_url":null,"source":{"id":"https://openalex.org/S7407052918","display_name":"Gesellschaft f\u00fcr Informatik (GI)","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article-journal"},"sustainable_development_goals":[{"score":0.7978270649909973,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"This":[0,143],"paper":[1],"investigates":[2],"the":[3,11,55,73,100,114,150,164],"use":[4],"of":[5,62,72,102,152,167],"Large":[6],"Language":[7],"Models":[8],"(LLMs)":[9],"for":[10,18,26,104],"Text-to-SQL":[12,153],"task,":[13],"both":[14],"as":[15,23,48,80],"Perpetrator":[16],"models":[17,25,87,154,169],"generating":[19],"adversarial":[20,52,64,141],"attacks":[21,112],"and":[22,40,58,82,96,158],"Victim":[24,86],"assessing":[27],"their":[28],"robustness.":[29],"In":[30],"this":[31],"study,":[32],"two":[33],"state-of-the-art":[34],"LLMs,":[35],"Llama3":[36,91],"with":[37,42,92],"70":[38],"billion":[39,44,94],"Mixtral":[41],"47":[43],"parameters,":[45],"were":[46,66],"employed":[47],"Perpetrators":[49],"to":[50,163],"generate":[51],"examples":[53,65],"at":[54,113],"character-,":[56],"word-,":[57],"sentence-level.":[59],"A":[60],"total":[61],"77,292":[63],"generated":[67],"from":[68],"2,147":[69],"data":[70],"points":[71],"Spider":[74],"test-set":[75],"using":[76],"three":[77],"additional":[78],"LLMs":[79],"Victims":[81],"evaluated":[83],"thoroughly.":[84],"These":[85],"are":[88],"based":[89],"on":[90],"8":[93],"parameters":[95],"differ":[97],"only":[98],"in":[99,155,170],"extent":[101],"fine-tuning":[103,134],"related":[105],"benchmark":[106],"tasks.":[107],"The":[108],"results":[109],"show":[110],"that":[111],"word-level,":[115],"particularly":[116],"through":[117],"synonym":[118],"replacements,":[119],"most":[120],"significantly":[121,129],"impair":[122],"model":[123],"performance.":[124],"Additionally,":[125],"providing":[126],"database":[127],"schemas":[128],"improves":[130],"execution":[131],"accuracy,":[132],"while":[133],"does":[135],"not":[136],"always":[137],"enhance":[138],"robustness":[139],"against":[140],"attacks.":[142],"work":[144],"provides":[145],"important":[146],"insights":[147],"into":[148],"improving":[149],"reliability":[151],"future":[156],"applications":[157],"makes":[159],"a":[160],"significant":[161],"contribution":[162],"further":[165],"development":[166],"these":[168],"research.":[171]},"counts_by_year":[],"updated_date":"2025-11-06T06:51:31.235846","created_date":"2025-10-10T00:00:00"}