Against All Odds: Overcoming Typology, Script, and Language Confusion in Multilingual Embedding Inversion Attacks

  • 2024-12-16 11:53:09
  • Yiyi Chen, Russa Biswas, Heather Lent, Johannes Bjerva

Abstract

Large Language Models (LLMs) are susceptible to malicious influence by cyberattackers through intrusions such as adversarial, backdoor, and embedding inversion attacks. In response, the burgeoning field of LLM Security aims to study and defend against such threats. Thus far, the majority of works in this area have focused on monolingual English models, however, emerging research suggests that multilingual LLMs may be more vulnerable to various attacks than their monolingual counterparts. While previous work has investigated embedding inversion over a small subset of European languages, it is challenging to extrapolate these findings to languages from different linguistic families and with differing scripts. To this end, we explore the security of multilingual LLMs in the context of embedding inversion attacks and investigate cross-lingual and cross-script inversion across 20 languages, spanning over 8 language families and 12 scripts. Our findings indicate that languages written in Arabic script and Cyrillic script are particularly vulnerable to embedding inversion, as are languages within the Indo-Aryan language family. We further observe that inversion models tend to suffer from language confusion, sometimes greatly reducing the efficacy of an attack. Accordingly, we systematically explore this bottleneck for inversion models, uncovering predictable patterns which could be leveraged by attackers. Ultimately, this study aims to further the field's understanding of the outstanding security vulnerabilities facing multilingual LLMs and raise awareness for the languages most at risk of negative impact from these attacks.

 
