DualSentinel: A Lightweight Framework for Detecting Targeted Attacks in Black-box LLM via Dual Entropy Lull Pattern

Researchers introduce DualSentinel, a lightweight framework for detecting targeted attacks on Large Language Models by identifying 'Entropy Lull' patterns - periods of abnormally low token probability entropy that indicate when LLMs are being coercively controlled. The system uses dual-check verification to accurately detect backdoor and prompt injection attacks with near-zero false positives while maintaining minimal computational overhead.

• →DualSentinel detects LLM attacks by monitoring entropy patterns during text generation without requiring high access rights or prohibitive costs.
• →The framework identifies 'Entropy Lull' periods where compromised LLMs show abnormally low and stable token probability entropy.
• →A dual-check approach combines magnitude/trend monitoring with task-flipping verification to confirm attacks with high accuracy.
• →Extensive evaluations demonstrate superior detection accuracy with near-zero false positives and negligible additional computational cost.
• →The solution addresses practical limitations of existing LLM defense mechanisms that hinder normal inference in real-world deployments.