Saved in:
Bibliographic Details
Main Authors: Lin, Huawei, Lao, Yingjie, Geng, Tong, Yu, Tan, Zhao, Weijie
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2502.13141
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866916619622547456
author Lin, Huawei
Lao, Yingjie
Geng, Tong
Yu, Tan
Zhao, Weijie
author_facet Lin, Huawei
Lao, Yingjie
Geng, Tong
Yu, Tan
Zhao, Weijie
contents Large Language Models (LLMs) are vulnerable to attacks like prompt injection, backdoor attacks, and adversarial attacks, which manipulate prompts or models to generate harmful outputs. In this paper, departing from traditional deep learning attack paradigms, we explore their intrinsic relationship and collectively term them Prompt Trigger Attacks (PTA). This raises a key question: Can we determine if a prompt is benign or poisoned? To address this, we propose UniGuardian, the first unified defense mechanism designed to detect prompt injection, backdoor attacks, and adversarial attacks in LLMs. Additionally, we introduce a single-forward strategy to optimize the detection pipeline, enabling simultaneous attack detection and text generation within a single forward pass. Our experiments confirm that UniGuardian accurately and efficiently identifies malicious prompts in LLMs.
format Preprint
id arxiv_https___arxiv_org_abs_2502_13141
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle UniGuardian: A Unified Defense for Detecting Prompt Injection, Backdoor Attacks and Adversarial Attacks in Large Language Models
Lin, Huawei
Lao, Yingjie
Geng, Tong
Yu, Tan
Zhao, Weijie
Computation and Language
Artificial Intelligence
Machine Learning
Large Language Models (LLMs) are vulnerable to attacks like prompt injection, backdoor attacks, and adversarial attacks, which manipulate prompts or models to generate harmful outputs. In this paper, departing from traditional deep learning attack paradigms, we explore their intrinsic relationship and collectively term them Prompt Trigger Attacks (PTA). This raises a key question: Can we determine if a prompt is benign or poisoned? To address this, we propose UniGuardian, the first unified defense mechanism designed to detect prompt injection, backdoor attacks, and adversarial attacks in LLMs. Additionally, we introduce a single-forward strategy to optimize the detection pipeline, enabling simultaneous attack detection and text generation within a single forward pass. Our experiments confirm that UniGuardian accurately and efficiently identifies malicious prompts in LLMs.
title UniGuardian: A Unified Defense for Detecting Prompt Injection, Backdoor Attacks and Adversarial Attacks in Large Language Models
topic Computation and Language
Artificial Intelligence
Machine Learning
url https://arxiv.org/abs/2502.13141