BadCLM: Backdoor Attack in Clinical Language Models for Electronic Health Records
This work addresses a security risk in clinical decision support systems, which is critical for patient safety, but it is incremental as it applies known backdoor attack concepts to a new domain.
The paper tackled the vulnerability of clinical language models in electronic health records to backdoor attacks by introducing BadCLM, an attention-based method that embeds triggers to cause incorrect predictions, demonstrating its efficacy on an in-hospital mortality prediction task with the MIMIC III dataset.
The advent of clinical language models integrated into electronic health records (EHR) for clinical decision support has marked a significant advancement, leveraging the depth of clinical notes for improved decision-making. Despite their success, the potential vulnerabilities of these models remain largely unexplored. This paper delves into the realm of backdoor attacks on clinical language models, introducing an innovative attention-based backdoor attack method, BadCLM (Bad Clinical Language Models). This technique clandestinely embeds a backdoor within the models, causing them to produce incorrect predictions when a pre-defined trigger is present in inputs, while functioning accurately otherwise. We demonstrate the efficacy of BadCLM through an in-hospital mortality prediction task with MIMIC III dataset, showcasing its potential to compromise model integrity. Our findings illuminate a significant security risk in clinical decision support systems and pave the way for future endeavors in fortifying clinical language models against such vulnerabilities.