With the rapid development of artificial intelligence, large language models (LLMs) have made remarkable progress in natural language processing. These models are trained on large amounts of data to demonstrate powerful language understanding and generation capabilities for various applications, from machine translation and chatbots to agents. However, LLMs have exposed a variety of privacy and security issues during their life cycle, which have become the focus of academic and industrial attention. Moreover, these risks LLMs face are pretty different from previous traditional language models. Since current surveys lack a clear taxonomy of unique threat models based on diverse scenarios, we highlight unique privacy and security issues based on five scenarios: pre-training, fine-tuning, RAG system, deploying, and LLM-based agent. Concerning the characteristics of each risk, this survey provides potential threats and countermeasures. The research on attack and defense situations LLMs face can provide feasible research directions, making more areas reap LLMs' benefits.

翻译：随着人工智能的快速发展，大型语言模型（LLM）在自然语言处理领域取得了显著进展。这些模型通过大量数据训练，展现出强大的语言理解与生成能力，广泛应用于机器翻译、聊天机器人及智能代理等场景。然而，LLM在其生命周期中暴露了多种隐私与安全问题，已成为学术界与工业界关注的焦点。值得注意的是，这些风险与以往传统语言模型所面临的风险存在显著差异。由于现有综述缺乏基于不同场景的独特威胁模型清晰分类，本研究聚焦于五个场景下的独特隐私与安全问题：预训练、微调、RAG系统、部署以及基于LLM的智能代理。针对每种风险的特点，本文提供了潜在威胁及应对措施。对LLM面临的攻防态势研究可为后续工作提供可行方向，使更多领域能够受益于LLM的优势。