With the rapid development of artificial intelligence, large language models (LLMs) have made remarkable advancements in natural language processing. These models are trained on vast datasets to exhibit powerful language understanding and generation capabilities across various applications, including machine translation, chatbots, and agents. However, LLMs have revealed a variety of privacy and security issues throughout their life cycle, drawing significant academic and industrial attention. Moreover, the risks faced by LLMs differ significantly from those encountered by traditional language models. Given that current surveys lack a clear taxonomy of unique threat models across diverse scenarios, we emphasize the unique privacy and security threats associated with five specific scenarios: pre-training, fine-tuning, retrieval-augmented generation systems, deployment, and LLM-based agents. Addressing the characteristics of each risk, this survey outlines potential threats and countermeasures. Research on attack and defense situations can offer feasible research directions, enabling more areas to benefit from LLMs.

翻译：随着人工智能的快速发展，大语言模型（LLMs）在自然语言处理领域取得了显著进展。这些模型通过在海量数据集上进行训练，在机器翻译、聊天机器人和智能体等多种应用中展现出强大的语言理解与生成能力。然而，LLMs在其整个生命周期中暴露出诸多隐私与安全问题，引起了学术界和工业界的广泛关注。此外，LLMs所面临的风险与传统语言模型存在显著差异。鉴于现有综述研究缺乏对不同场景下特有威胁模型的清晰分类，本文重点阐述了与五个特定场景相关的独特隐私与安全威胁：预训练、微调、检索增强生成系统、部署以及基于LLM的智能体。针对各类风险的特征，本综述系统梳理了潜在的威胁与应对策略。对攻防态势的研究可为该领域提供可行的研究方向，从而使更多领域能够受益于LLMs技术。