Attack and defense techniques in large language models: A survey and new perspectives
It addresses security and ethical vulnerabilities in LLMs for researchers and practitioners, but is incremental as a survey.
This survey systematically explores attack and defense techniques in large language models, classifying attacks into categories like adversarial prompts and model theft, and analyzing defense strategies, while highlighting open problems such as adaptive defenses and standardized evaluations.
Large Language Models (LLMs) have become central to numerous natural language processing tasks, but their vulnerabilities present significant security and ethical challenges. This systematic survey explores the evolving landscape of attack and defense techniques in LLMs. We classify attacks into adversarial prompt attack, optimized attacks, model theft, as well as attacks on application of LLMs, detailing their mechanisms and implications. Consequently, we analyze defense strategies, including prevention-based and detection-based defense methods. Although advances have been made, challenges remain to adapt to the dynamic threat landscape, balance usability with robustness, and address resource constraints in defense implementation. We highlight open problems, including the need for adaptive scalable defenses, explainable security techniques, and standardized evaluation frameworks. This survey provides actionable insights and directions for developing secure and resilient LLMs, emphasizing the importance of interdisciplinary collaboration and ethical considerations to mitigate risks in real-world applications.