Backdoor Attacks and Defenses Targeting Multi-Domain AI Models: A Comprehensive Review
ACM Computing Surveys (IF 23.8), Pub Date: 2024-11-15, DOI: 10.1145/3704725
Shaobo Zhang, Yimeng Pan, Qin Liu, Zheng Yan, Kim-Kwang Raymond Choo, Guojun Wang

Since the emergence of security concerns in artificial intelligence (AI), there has been significant attention devoted to the examination of backdoor attacks. Attackers can utilize backdoor attacks to manipulate model predictions, leading to significant potential harm. However, current research on backdoor attacks and defenses in both theoretical and practical fields still has many shortcomings. To systematically analyze these shortcomings and address the lack of comprehensive reviews, this paper presents a comprehensive and systematic summary of both backdoor attacks and defenses targeting multi-domain AI models. Simultaneously, based on the design principles and shared characteristics of triggers in different domains and the implementation stages of backdoor defense, this paper proposes a new classification method for backdoor attacks and defenses. We use this method to extensively review backdoor attacks in the fields of computer vision and natural language processing, and also examine the current applications of backdoor attacks in audio recognition, video action recognition, multimodal tasks, time series tasks, generative learning, and reinforcement learning, while critically analyzing the open problems of various backdoor attack techniques and defense strategies. Finally, this paper builds upon the analysis of the current state of AI security to further explore potential future research directions for backdoor attacks and defenses.

Updated: 2024-11-15