Discover and explore top open-source AI tools and projects—updated daily.
bboylygBenchmark for LLM backdoor attacks and defenses
Top 85.8% on SourcePulse
This project introduces BackdoorLLM, the first comprehensive benchmark for studying backdoor attacks on Large Language Models (LLMs). It provides a standardized framework and repository to facilitate research into diverse attack vectors and defense mechanisms, aiming to advance AI safety and awareness of LLM vulnerabilities. The benchmark is designed for AI safety researchers and practitioners.
How It Works
BackdoorLLM employs a standardized pipeline for training backdoored LLMs using four primary attack strategies: Data Poisoning (DPA), Weight Poisoning (WPA), Hidden State Steering (HSA), and Chain-of-Thought Attacks (CoTA). It includes extensive evaluations across various LLM architectures (e.g., Llama, Mistral) and datasets. A unified defense suite, Backdoor-DefenseBox, integrates seven representative mitigation techniques, enabling systematic and reproducible comparisons of attacks, models, and tasks.
Quick Start & Requirements
git clone https://github.com/bboylyg/BackdoorLLM.git), navigate into the directory, and install dependencies (pip install -r requirements.txt).cd ./attack/DPA then GRADIO_SHARE=1 python backdoor_webui.py after installation.Highlighted Details
Maintenance & Community
The project has an active HuggingFace community for contributions. The associated paper has been accepted to NeurIPS 2025, indicating ongoing academic engagement and validation. Release notes span from August 2024 to September 2025.
Licensing & Compatibility
The repository is licensed under the Apache-2.0 License. Users must adhere to the specific licenses of the individual model weights used.
Limitations & Caveats
Evaluating the clean utility of backdoored LLMs remains an open challenge. The project's data and model weights are strictly for research purposes, prohibiting unauthorized or malicious use.
4 months ago
1 day
anthropics