TrustSeed: Lightweight Attestation Protocol for Ensuring LLM Integrity

Alsharkawy, Mohamed 1; Ahmed, Mohamed Aboelenien 1; Nassar, Hassan 1; Gonzalez, Jeferson; Khdr, Heba 1; Abboud, Osama; Xiao, Xun; Henkel, Jörg 1
1 Institut für Technische Informatik (ITEC), Karlsruher Institut für Technologie (KIT)

Abstract:

Over the last couple of years, large language models have increasingly been integrated into many computing applications. For privacy preservation, they are now deployed on edge devices. However, these deployments are vulnerable to bit flip attacks and backdoor attacks that compromise the integrity of the model. Traditional remote attestation techniques fail to detect such manipulations due to the large model size and the stealthiness of the attacks. In this paper, we present TrustSeed, a lightweight functional attestation protocol that uses a single inference to ensure large language models’ integrity. TrustSeed verifies integrity by applying deterministic, seed-based modifications to model weights within a Trusted Execution Environment and comparing the last intermediate activations and output distribution against a golden reference on the verifier. This approach prevents precomputed or forged responses, ensuring freshness and unpredictability in each attestation round. Our analysis shows that output distribution and last intermediate activations are effective indicators of integrity. We test TrustSeed against bit-flip, data poisoning, and weight poisoning attacks, reliably detecting even single-bit alterations. ...


Original publication
DOI: 10.23919/DATE69613.2026.11539273
Affiliated institution(s) at KIT Institut für Technische Informatik (ITEC)
Publication type Proceedings contribution
Publication date 04.06.2026
Language English
Identifier ISBN: 979-8-3315-4565-9
KITopen-ID: 1000193897
Published in 2026 Design, Automation & Test in Europe Conference (DATE), Verona, Italy, 20-22 April 2026
Event 29th Design, Automation and Test in Europe Conference (DATE 2026), Verona, Italy, 20.04.2026 – 22.04.2026
Publisher Institute of Electrical and Electronics Engineers (IEEE)
Keywords Attestation, LLM, Security
Indexed in OpenAlex
Scopus