{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,10]],"date-time":"2026-01-10T22:56:57Z","timestamp":1768085817805,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":29,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,6,11]],"date-time":"2025-06-11T00:00:00Z","timestamp":1749600000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,25]]},"DOI":"10.1145\/3713081.3731747","type":"proceedings-article","created":{"date-parts":[[2025,6,6]],"date-time":"2025-06-06T17:20:36Z","timestamp":1749230436000},"page":"169-173","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Large Language Model Supply Chain: Open Problems From the Security Perspective"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8251-1669","authenticated-orcid":false,"given":"Qiang","family":"Hu","sequence":"first","affiliation":[{"name":"Tianjin University, Tianjin, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1288-6502","authenticated-orcid":false,"given":"Xiaofei","family":"Xie","sequence":"additional","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9477-4100","authenticated-orcid":false,"given":"Sen","family":"Chen","sequence":"additional","affiliation":[{"name":"Nankai University, Tianjin, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2757-5627","authenticated-orcid":false,"given":"Lili","family":"Quan","sequence":"additional","affiliation":[{"name":"Tianjin University, Tianjin, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2083-8372","authenticated-orcid":false,"given":"Lei","family":"Ma","sequence":"additional","affiliation":[{"name":"The University of Tokyo \/ University of Alberta, Tokyo, Japan"}]}],"member":"320","published-online":{"date-parts":[[2025,6,11]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2024. AI Risk Repository. https:\/\/airisk.mit.edu\/"},{"key":"e_1_3_2_1_2_1","unstructured":"2024. Hugging Face. https:\/\/huggingface.co\/"},{"key":"e_1_3_2_1_3_1","unstructured":"2024. ModelScan. https:\/\/github.com\/protectai\/modelscan"},{"key":"e_1_3_2_1_4_1","unstructured":"2025. LLMSC: collected papers. https:\/\/sites.google.com\/view\/llmscsec"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3641289"},{"key":"e_1_3_2_1_6_1","volume-title":"Jailbreaker: Automated jailbreak across multiple large language model chatbots. arXiv preprint arXiv:2307.08715","author":"Deng Gelei","year":"2023","unstructured":"Gelei Deng, Yi Liu, Yuekang Li, Kailong Wang, Ying Zhang, Zefeng Li, Haoyu Wang, Tianwei Zhang, and Yang Liu. 2023. Jailbreaker: Automated jailbreak across multiple large language model chatbots. arXiv preprint arXiv:2307.08715 (2023)."},{"key":"e_1_3_2_1_7_1","volume-title":"How Robust is Google's Bard to Adversarial Image Attacks? arXiv preprint arXiv:2309.11751","author":"Dong Yinpeng","year":"2023","unstructured":"Yinpeng Dong, Huanran Chen, Jiawei Chen, Zhengwei Fang, Xiao Yang, Yichi Zhang, Yu Tian, Hang Su, and Jun Zhu. 2023. How Robust is Google's Bard to Adversarial Image Attacks? arXiv preprint arXiv:2309.11751 (2023)."},{"key":"e_1_3_2_1_8_1","volume-title":"Exploiting LLM Quantization. arXiv preprint arXiv:2405.18137","author":"Egashira Kazuki","year":"2024","unstructured":"Kazuki Egashira, Mark Vero, Robin Staab, Jingxuan He, and Martin Vechev. 2024. Exploiting LLM Quantization. arXiv preprint arXiv:2405.18137 (2024)."},{"key":"e_1_3_2_1_9_1","volume-title":"On the trustworthiness landscape of state-of-the-art generative models: A comprehensive survey. arXiv preprint arXiv:2307.16680","author":"Fan Mingyuan","year":"2023","unstructured":"Mingyuan Fan, Cen Chen, Chengyu Wang, and Jun Huang. 2023. On the trustworthiness landscape of state-of-the-art generative models: A comprehensive survey. arXiv preprint arXiv:2307.16680 (2023)."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2019.00080"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3511598"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678672"},{"key":"e_1_3_2_1_13_1","volume-title":"Evaluating the robustness of test selection methods for deep neural networks. arXiv preprint arXiv:2308.01314","author":"Hu Qiang","year":"2023","unstructured":"Qiang Hu, Yuejun Guo, Xiaofei Xie, Maxime Cordy, Wei Ma, Mike Papadakis, and Yves Le Traon. 2023. Evaluating the robustness of test selection methods for deep neural networks. arXiv preprint arXiv:2308.01314 (2023)."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10462-024-10824-0"},{"key":"e_1_3_2_1_15_1","volume-title":"Llava-med: Training a large language-and-vision assistant for biomedicine in one day. Advances in Neural Information Processing Systems 36","author":"Li Chunyuan","year":"2024","unstructured":"Chunyuan Li, Cliff Wong, Sheng Zhang, Naoto Usuyama, Haotian Liu, Jianwei Yang, Tristan Naumann, Hoifung Poon, and Jianfeng Gao. 2024. Llava-med: Training a large language-and-vision assistant for biomedicine in one day. Advances in Neural Information Processing Systems 36 (2024)."},{"key":"e_1_3_2_1_16_1","volume-title":"Learning without forgetting","author":"Li Zhizhong","year":"2017","unstructured":"Zhizhong Li and Derek Hoiem. 2017. Learning without forgetting. IEEE transactions on pattern analysis and machine intelligence 40, 12 (2017), 2935\u20132947."},{"key":"e_1_3_2_1_17_1","volume-title":"Yuyao Wang, and Lingming Zhang.","author":"Liu Jiawei","year":"2024","unstructured":"Jiawei Liu, Chunqiu Steven Xia, Yuyao Wang, and Lingming Zhang. 2024. Is your code generated by chatgpt really correct? rigorous evaluation of large language models for code generation. Advances in Neural Information Processing Systems 36 (2024)."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2024.findings-acl.785"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3448016.3457258"},{"key":"e_1_3_2_1_20_1","volume-title":"Pervasive label errors in test sets destabilize machine learning benchmarks. arXiv preprint arXiv:2103.14749","author":"Northcutt Curtis G","year":"2021","unstructured":"Curtis G Northcutt, Anish Athalye, and Jonas Mueller. 2021. Pervasive label errors in test sets destabilize machine learning benchmarks. arXiv preprint arXiv:2103.14749 (2021)."},{"key":"e_1_3_2_1_21_1","volume-title":"A unified framework for adversarial attack and defense in constrained feature space. arXiv preprint arXiv:2112.01156","author":"Simonetto Thibault","year":"2021","unstructured":"Thibault Simonetto, Salijona Dyrmishi, Salah Ghamizi, Maxime Cordy, and Yves Le Traon. 2021. A unified framework for adversarial attack and defense in constrained feature space. arXiv preprint arXiv:2112.01156 (2021)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2023.3330982"},{"key":"e_1_3_2_1_23_1","volume-title":"Want to reduce labeling cost? GPT-3 can help. arXiv preprint arXiv:2108.13487","author":"Wang Shuohang","year":"2021","unstructured":"Shuohang Wang, Yang Liu, Yichong Xu, Chenguang Zhu, and Michael Zeng. 2021. Want to reduce labeling cost? GPT-3 can help. arXiv preprint arXiv:2108.13487 (2021)."},{"key":"e_1_3_2_1_24_1","volume-title":"Large language model supply chain: A research agenda. arXiv preprint arXiv:2404.12736","author":"Wang Shenao","year":"2024","unstructured":"Shenao Wang, Yanjie Zhao, Xinyi Hou, and Haoyu Wang. 2024. Large language model supply chain: A research agenda. arXiv preprint arXiv:2404.12736 (2024)."},{"key":"e_1_3_2_1_25_1","volume-title":"SoK: Understanding Vulnerabilities in the Large Language Model Supply Chain. arXiv preprint arXiv:2502.12497","author":"Wang Shenao","year":"2025","unstructured":"Shenao Wang, Yanjie Zhao, Zhao Liu, Quanchen Zou, and Haoyu Wang. 2025. SoK: Understanding Vulnerabilities in the Large Language Model Supply Chain. arXiv preprint arXiv:2502.12497 (2025)."},{"key":"e_1_3_2_1_26_1","volume-title":"Less: Selecting influential data for targeted instruction tuning. arXiv preprint arXiv:2402.04333","author":"Xia Mengzhou","year":"2024","unstructured":"Mengzhou Xia, Sadhika Malladi, Suchin Gururangan, Sanjeev Arora, and Danqi Chen. 2024. Less: Selecting influential data for targeted instruction tuning. arXiv preprint arXiv:2402.04333 (2024)."},{"key":"e_1_3_2_1_27_1","volume-title":"International Joint Conferences on Artificial Intelligence Organization.","author":"Xie Xiaofei","year":"2019","unstructured":"Xiaofei Xie, Lei Ma, Haijun Wang, Yuekang Li, Yang Liu, and Xiaohong Li. 2019. Diffichaser: Detecting disagreements for deep neural networks. International Joint Conferences on Artificial Intelligence Organization."},{"key":"e_1_3_2_1_28_1","volume-title":"Drivegpt4: Interpretable end-to-end autonomous driving via large language model","author":"Xu Zhenhua","year":"2024","unstructured":"Zhenhua Xu, Yujia Zhang, Enze Xie, Zhen Zhao, Yong Guo, Kwan-Yee K Wong, Zhenguo Li, and Hengshuang Zhao. 2024. Drivegpt4: Interpretable end-to-end autonomous driving via large language model. IEEE Robotics and Automation Letters (2024)."},{"key":"e_1_3_2_1_29_1","volume-title":"Models Are Codes: Towards Measuring Malicious Code Poisoning Attacks on Pre-trained Model Hubs. arXiv preprint arXiv:2409.09368","author":"Zhao Jian","year":"2024","unstructured":"Jian Zhao, Shenao Wang, Yanjie Zhao, Xinyi Hou, Kailong Wang, Peiming Gao, Yuanchao Zhang, Chen Wei, and Haoyu Wang. 2024. Models Are Codes: Towards Measuring Malicious Code Poisoning Attacks on Pre-trained Model Hubs. arXiv preprint arXiv:2409.09368 (2024)."}],"event":{"name":"ISSTA Companion '25: 34th ACM SIGSOFT International Symposium on Software Testing and Analysis","location":"Clarion Hotel Trondheim Trondheim Norway","acronym":"ISSTA Companion '25","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 34th ACM SIGSOFT International Symposium on Software Testing and Analysis"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3713081.3731747","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:09Z","timestamp":1750295889000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3713081.3731747"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,11]]},"references-count":29,"alternative-id":["10.1145\/3713081.3731747","10.1145\/3713081"],"URL":"https:\/\/doi.org\/10.1145\/3713081.3731747","relation":{},"subject":[],"published":{"date-parts":[[2025,6,11]]},"assertion":[{"value":"2025-06-11","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}