Large Language Models (LLMs), known for their exceptional capabilities in semantic understanding and text generation, have become integral components of communication network applications. However, their open architecture and transparent parameter configurations make them highly vulnerable to white-box attacks. Malicious actors, equipped with direct access to model weights, gradient information, or training datasets, can orchestrate highly targeted attacks that compromise model functionality, expose sensitive information, and introduce systemic security risks. This study investigates the technical intricacies and defensive challenges posed by white-box attacks within communication network ecosystems. To provide a structured perspective, a classification framework is proposed, categorizing white-box attacks into three primary types: gradient-driven adversarial optimization attacks, parameter space-based attacks, and fine-tuning-based attacks. Current research reveals significant limitations in existing defense mechanisms, particularly in dynamic adversarial scenarios, such as collaborative multi-device communication systems. In these contexts, attackers exploit white-box vulnerabilities to bypass conventional defenses, leading to harmful outputs or the leakage of confidential data, thus amplifying systemic risks. Therefore, future research must focus on developing advanced countermeasures, including dynamic parameter obfuscation strategies, distributed defense architectures, and co-optimization techniques that balance adversarial robustness with communication efficiency. In addition, the establishment of a dynamic defense paradigm tailored to white-box scenarios is imperative. This research provides both a theoretical foundation and practical guidelines for designing secure and reliable LLM-based communication systems, fostering the evolution of intelligent communication networks toward enhanced reliability and adaptability.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Comprehensive Survey on White-Box Security Threats for Large Language Models

  • Wenbiao Du,
  • Tengfei Yang,
  • Zhihan Sun,
  • Xiuqi Yang,
  • Zeyang Liu,
  • Jingfeng Xue

摘要

Large Language Models (LLMs), known for their exceptional capabilities in semantic understanding and text generation, have become integral components of communication network applications. However, their open architecture and transparent parameter configurations make them highly vulnerable to white-box attacks. Malicious actors, equipped with direct access to model weights, gradient information, or training datasets, can orchestrate highly targeted attacks that compromise model functionality, expose sensitive information, and introduce systemic security risks. This study investigates the technical intricacies and defensive challenges posed by white-box attacks within communication network ecosystems. To provide a structured perspective, a classification framework is proposed, categorizing white-box attacks into three primary types: gradient-driven adversarial optimization attacks, parameter space-based attacks, and fine-tuning-based attacks. Current research reveals significant limitations in existing defense mechanisms, particularly in dynamic adversarial scenarios, such as collaborative multi-device communication systems. In these contexts, attackers exploit white-box vulnerabilities to bypass conventional defenses, leading to harmful outputs or the leakage of confidential data, thus amplifying systemic risks. Therefore, future research must focus on developing advanced countermeasures, including dynamic parameter obfuscation strategies, distributed defense architectures, and co-optimization techniques that balance adversarial robustness with communication efficiency. In addition, the establishment of a dynamic defense paradigm tailored to white-box scenarios is imperative. This research provides both a theoretical foundation and practical guidelines for designing secure and reliable LLM-based communication systems, fostering the evolution of intelligent communication networks toward enhanced reliability and adaptability.