Large language model backdoor attack scheme based on syntactic structure

• 1、State Key Laboratory of Network and Switching Technology, Beijing University of Posts and Telecommunications

Abstract：With the rapid development of artificial intelligence, large language models have become a focal point of research in the field. The security of large language models has gradually garnered attention from both academia and the industry. These models typically employ a "pretraining plus fine-tuning" approach for applications. However, if a dataset containing backdoors is used for fine-tuning the pretrained model, it can compromise the overall security of the model. Based on this, this thesis focuses on conducting research on backdoor attacks during the fine-tuning phase within the context of large language models.This paper proposes a backdoor attack on large language models based on covert characters. Through analyzing the backdoor attacks in the current large language model environment, it is found that the triggers used for attacks are abrupt and singular characters. This paper will use the training data generated with the same syntactic structure features as a backdoor trigger to propose a backdoor attack suitable for large model environments. After comparing with the current backdoor attacks in large model environments, the results show that the attack method generated by this method Poisoned samples have higher attack success rate and clean accuracy in large model environments.

Keywords： Cyber security Natural Language Processing Large Language Models Backdoor Attacks Fine-tuning of Large Models