Skip to content
/ BALD Public

[ICLR'25] Can We Trust Embodied Agents? Exploring Backdoor Attacks against Embodied LLM-Based Decision-Making Systems

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Daniel-xsy/BALD

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
assets
assets
 
 
README.md
README.md
 
 

Repository files navigation

Can We Trust Embodied Agents?
Exploring Backdoor Attacks against Embodied LLM-Based Decision-Making Systems

Ruochen Jiao*1     Shaoyuan Xie*2     Justin Yue2     Takami Sato2    
Lixu Wang1     Yixuan Wang1     Qi Alfred Chen2     Qi Zhu1    

1Northwestern University     2University of California, Irvine    
*Equal contribution

   

Overview

Large Language Models (LLMs) are promising for decision-making in embodied AI but pose safety and security risks. We introduce BALD, a framework for Backdoor Attacks on LLM-based systems, exploring attack surfaces and triggers. We propose three attack mechanisms: word injection, scenario manipulation, and knowledge injection. Our experiments on GPT-3.5, LLaMA2, and PaLM2 in autonomous driving and home robot tasks show high success rates and stealthiness. Our findings highlight critical vulnerabilities and the need for robust defenses in embodied LLM systems.

Teaser Figure

Experiments

Comming soon.

About

[ICLR'25] Can We Trust Embodied Agents? Exploring Backdoor Attacks against Embodied LLM-Based Decision-Making Systems

Topics

security robotics autonomous-driving backdoor-attacks embodied-agent llm

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published