Claim-Guided Textual Backdoor Attack for Practical Applications
This work addresses security vulnerabilities in large language models for practical applications, representing a novel method for enhancing the feasibility of backdoor attacks.
The paper tackles the problem of making backdoor attacks more practical by eliminating the need for input manipulation after model distribution, introducing a claim-guided approach that uses inherent textual claims as triggers to trick models into misbehaving on targeted claims while maintaining performance on clean data.
Recent advances in natural language processing and the increased use of large language models have exposed new security vulnerabilities, such as backdoor attacks. Previous backdoor attacks require input manipulation after model distribution to activate the backdoor, posing limitations in real-world applicability. Addressing this gap, we introduce a novel Claim-Guided Backdoor Attack (CGBA), which eliminates the need for such manipulations by utilizing inherent textual claims as triggers. CGBA leverages claim extraction, clustering, and targeted training to trick models to misbehave on targeted claims without affecting their performance on clean data. CGBA demonstrates its effectiveness and stealthiness across various datasets and models, significantly enhancing the feasibility of practical backdoor attacks. Our code and data will be available at https://github.com/PaperCGBA/CGBA.