{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,15]],"date-time":"2025-08-15T01:02:41Z","timestamp":1755219761523,"version":"3.43.0"},"publisher-location":"Singapore","reference-count":27,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819645657"},{"type":"electronic","value":"9789819645664"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-4566-4_17","type":"book-chapter","created":{"date-parts":[[2025,4,1]],"date-time":"2025-04-01T23:49:06Z","timestamp":1743551346000},"page":"246-257","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["SoftPromptAttack: Advancing Backdoor Attacks in\u00a0Language Models Through Prompt Learning Paradigms"],"prefix":"10.1007","author":[{"given":"Dixuan","family":"Chen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hongyang","family":"Yan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jiatong","family":"Lin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fan","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yu","family":"Cheng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,4,1]]},"reference":[{"key":"17_CR1","doi-asserted-by":"crossref","unstructured":"Zhao, S., et al.: Prompt as triggers for backdoor attack: examining the vulnerability in language models. arXiv preprint arXiv:2305.01219 (2023)","DOI":"10.18653\/v1\/2023.emnlp-main.757"},{"key":"17_CR2","doi-asserted-by":"crossref","unstructured":"Li, L., et al.: Backdoor attacks on pre-trained models by layerwise weight poisoning. arXiv preprint arXiv:2108.13888 (2021)","DOI":"10.18653\/v1\/2021.emnlp-main.241"},{"key":"17_CR3","doi-asserted-by":"crossref","unstructured":"Yang, W., et al.: Be careful about poisoned word embeddings: exploring the vulnerability of the embedding layers in NLP models. arXiv preprint arXiv:2103.15543 (2021)","DOI":"10.18653\/v1\/2021.naacl-main.165"},{"key":"17_CR4","doi-asserted-by":"crossref","unstructured":"Li, S., et al.: Hidden backdoors in human-centric language models. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (2021)","DOI":"10.1145\/3460120.3484576"},{"key":"17_CR5","doi-asserted-by":"crossref","unstructured":"Zhang, X., et al.: Trojaning language models for fun and profit. In: 2021 IEEE European Symposium on Security and Privacy (EuroS &P). IEEE (2021)","DOI":"10.1109\/EuroSP51992.2021.00022"},{"key":"17_CR6","unstructured":"Pan, X., et al.: Hidden trigger backdoor attack on NLP models via linguistic style manipulation. In: 31st USENIX Security Symposium (USENIX Security 2022) (2022)"},{"key":"17_CR7","unstructured":"Mann, B., et al.: Language models are few-shot learners. arXiv preprint arXiv:2005.14165, vol. 1 (2020)"},{"key":"17_CR8","unstructured":"Radford, A.: Improving language understanding by generative pre-training (2018)"},{"key":"17_CR9","doi-asserted-by":"crossref","unstructured":"Peters, M.E., et al.: Deep contextualized word representations. arXiv:1802.05365 (2018)","DOI":"10.18653\/v1\/N18-1202"},{"key":"17_CR10","doi-asserted-by":"crossref","unstructured":"Du, W., et al.: PPT: backdoor attacks on pre-trained models via poisoned prompt tuning. IJCAI (2022)","DOI":"10.24963\/ijcai.2022\/96"},{"key":"17_CR11","unstructured":"Cai, X., et al.: BadPrompt: backdoor attacks on continuous prompt. In: Advances in Neural Information Processing Systems, vol. 35 (2022)"},{"key":"17_CR12","unstructured":"Perez, F., Ribeiro, I.: Ignore previous prompt: attack techniques for language models. arXiv preprint arXiv:2211.09527 (2022)"},{"key":"17_CR13","unstructured":"Xu, J., et al.: Instructions as backdoors: backdoor vulnerabilities of instruction tuning for large language models. arXiv preprint arXiv:2305.14710 (2023)"},{"key":"17_CR14","unstructured":"Wang, J., et al.: Adversarial demonstration attacks on large language models. arXiv preprint arXiv:2305.14950 (2023)"},{"key":"17_CR15","unstructured":"Devlin, J., Chang, M.-W., Lee, K., Toutanova, K.: BERT: pre-training of deep bidirectional transformers for language understanding. In: Proceedings of naacL-HLT, vol. 1.0 (2019)"},{"key":"17_CR16","unstructured":"Gu, T., Dolan-Gavitt, B., Garg, S.: BadNets: identifying vulnerabilities in the machine learning model supply chain. arXiv preprint arXiv:1708.06733 (2017)"},{"key":"17_CR17","doi-asserted-by":"crossref","unstructured":"Qi, F., et al.: Turn the combination lock: learnable textual backdoor attacks via word substitution. arXiv preprint arXiv:2106.06361 (2021)","DOI":"10.18653\/v1\/2021.acl-long.377"},{"key":"17_CR18","doi-asserted-by":"crossref","unstructured":"Qi, Fanchao, et al.: Hidden killer: invisible textual backdoor attacks with syntactic trigger. arXiv preprint arXiv:2105.12400 (2021)","DOI":"10.18653\/v1\/2021.acl-long.37"},{"key":"17_CR19","doi-asserted-by":"crossref","unstructured":"Kurita, K., Michel, P., Neubig, G.: Weight poisoning attacks on pre-trained models. arXiv preprint arXiv:2004.06660 (2020)","DOI":"10.18653\/v1\/2020.acl-main.249"},{"key":"17_CR20","doi-asserted-by":"crossref","unstructured":"Xu, L., et al.: Exploring the universal vulnerability of prompt-based learning paradigm. arXiv preprint arXiv:2204.05239 (2022)","DOI":"10.18653\/v1\/2022.findings-naacl.137"},{"key":"17_CR21","doi-asserted-by":"crossref","unstructured":"Gan, L., et al.: Triggerless backdoor attack for NLP tasks with clean labels. arXiv preprint arXiv:2111.07970 (2021)","DOI":"10.18653\/v1\/2022.naacl-main.214"},{"key":"17_CR22","doi-asserted-by":"crossref","unstructured":"Qi, F., et al.: Onion: a simple and effective defense against textual backdoor attacks. arXiv preprint arXiv:2011.10369 (2020)","DOI":"10.18653\/v1\/2021.emnlp-main.752"},{"key":"17_CR23","doi-asserted-by":"crossref","unstructured":"Qi, F., et al.: Hidden killer: invisible textual backdoor attacks with syntactic trigger. arXiv preprint arXiv:2105.12400 (2021)","DOI":"10.18653\/v1\/2021.acl-long.37"},{"key":"17_CR24","doi-asserted-by":"publisher","unstructured":"Author, F., Author, S.: Title of a proceedings paper. In: Editor, F., Editor, S. (eds.) CONFERENCE 2016. LNCS, vol. 9999, pp. 1\u201313. Springer, Heidelberg (2016). https:\/\/doi.org\/10.10007\/1234567890","DOI":"10.10007\/1234567890"},{"key":"17_CR25","unstructured":"Author, F., Author, S., Author, T.: Book title, 2nd edn. Publisher, Location (1999)"},{"key":"17_CR26","unstructured":"Author, A.-B.: Contribution title. In: 9th International Proceedings on Proceedings, pp. 1\u20132. Publisher, Location (2010)"},{"key":"17_CR27","unstructured":"LNCS Homepage. http:\/\/www.springer.com\/lncs. Accessed 25 Oct 2023"}],"container-title":["Lecture Notes in Computer Science","Machine Learning for Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-4566-4_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,7]],"date-time":"2025-08-07T08:34:08Z","timestamp":1754555648000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-4566-4_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9789819645657","9789819645664"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-4566-4_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"1 April 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ML4CS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Machine Learning for Cyber Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hangzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ml4cs2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/nsclab.org\/ml4cs2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}