English
Related papers

Related papers: Jailbroken: How Does LLM Safety Training Fail?

200 papers

Ensuring the safety and alignment of large language models (LLMs) with human values is crucial for generating responses that are beneficial to humanity. While LLMs have the capability to identify and avoid harmful queries, they remain…

Computation and Language · Computer Science 2024-10-22 Yihua Zhou , Xiaochuan Shi

As the use of large language models (LLMs) continues to expand, ensuring their safety and robustness has become a critical challenge. In particular, jailbreak attacks that bypass built-in safety mechanisms are increasingly recognized as a…

Cryptography and Security · Computer Science 2025-11-19 Hajun Kim , Hyunsik Na , Daeseon Choi

The rapid integration of Multimodal Large Language Models (MLLMs) into critical applications is increasingly hindered by persistent safety vulnerabilities. However, existing red-teaming benchmarks are often fragmented, limited to…

Cryptography and Security · Computer Science 2026-01-13 Xin Wang , Yunhao Chen , Juncheng Li , Yixu Wang , Yang Yao , Tianle Gu , Jie Li , Yan Teng , Yingchun Wang , Xia Hu

Large Language Models (LLMs) are commonly evaluated for robustness against paraphrased or semantically equivalent jailbreak prompts, yet little attention has been paid to linguistic variation as an attack surface. In this work, we…

Computation and Language · Computer Science 2025-11-14 Srikant Panda , Avinash Rai

With the significant advancement of Large Vision-Language Models (VLMs), concerns about their potential misuse and abuse have grown rapidly. Previous studies have highlighted VLMs' vulnerability to jailbreak attacks, where carefully crafted…

Computer Vision and Pattern Recognition · Computer Science 2025-06-19 Yu Wang , Xiaofei Zhou , Yichen Wang , Geyuan Zhang , Tianxing He

Large language models (LLMs) have achieved impressive performance across natural language tasks and are increasingly deployed in real-world applications. Despite extensive safety alignment efforts, recent studies show that such alignment is…

Artificial Intelligence · Computer Science 2026-02-02 Yinzhi Zhao , Ming Wang , Shi Feng , Xiaocui Yang , Daling Wang , Yifei Zhang

Large Language Models (LLMs) remain vulnerable to jailbreak attempts that circumvent safety guardrails. We investigate whether multi-turn conversations using low-resource African languages (Afrikaans, Kiswahili, isiXhosa, and isiZulu) can…

Computation and Language · Computer Science 2026-05-19 Dylan Marx , Marcel Dunaiski

We identify a structural weakness in current large language model (LLM) alignment: modern refusal mechanisms are fail-open. While existing approaches encode refusal behaviors across multiple latent features, suppressing a single dominant…

Machine Learning · Computer Science 2026-02-20 Zachary Coalson , Beth Sohler , Aiden Gabriel , Sanghyun Hong

Most traditional AI safety research has approached AI models as machines and centered on algorithm-focused attacks developed by security experts. As large language models (LLMs) become increasingly common and competent, non-expert users can…

Computation and Language · Computer Science 2024-01-25 Yi Zeng , Hongpeng Lin , Jingwen Zhang , Diyi Yang , Ruoxi Jia , Weiyan Shi

This paper introduces Jailbreak-Zero, a novel red teaming methodology that shifts the paradigm of Large Language Model (LLM) safety evaluation from a constrained example-based approach to a more expansive and effective policy-based…

Computation and Language · Computer Science 2026-01-08 Kai Hu , Abhinav Aggarwal , Mehran Khodabandeh , David Zhang , Eric Hsin , Li Chen , Ankit Jain , Matt Fredrikson , Akash Bharadwaj

Large language models (LLMs) are widely used in real-world applications, raising concerns about their safety and trustworthiness. While red-teaming with jailbreak prompts exposes the vulnerabilities of LLMs, current efforts focus primarily…

Computation and Language · Computer Science 2025-11-14 Yi Zhao , Youzhi Zhang

Although safely enhanced Large Language Models (LLMs) have achieved remarkable success in tackling various complex tasks in a zero-shot manner, they remain susceptible to jailbreak attacks, particularly the unknown jailbreak attack. To…

Computation and Language · Computer Science 2024-06-12 Fan Liu , Zhao Xu , Hao Liu

Large Language Models (LLMs) have demonstrated remarkable capabilities across various tasks, yet they remain vulnerable to adversarial manipulations such as jailbreaking via prompt injection attacks. These attacks bypass safety mechanisms…

Machine Learning · Computer Science 2025-07-08 Xin Wei Chia , Swee Liang Wong , Jonathan Pan

Large language models (LLMs) have been increasingly applied to various domains, which triggers increasing concerns about LLMs' safety on specialized domains, e.g. medicine. Despite prior explorations on general jailbreaking attacks, there…

Computation and Language · Computer Science 2025-06-10 Shangqing Tu , Zhuoran Pan , Wenxuan Wang , Zhexin Zhang , Yuliang Sun , Jifan Yu , Hongning Wang , Lei Hou , Juanzi Li

Large language models (LLMs) excel in various tasks but remain vulnerable to jailbreak attacks, where adversaries manipulate prompts to generate harmful outputs. Examining jailbreak prompts helps uncover the shortcomings of LLMs. However,…

Computation and Language · Computer Science 2024-12-18 Weixiong Zheng , Peijian Zeng , Yiwei Li , Hongyan Wu , Nankai Lin , Junhao Chen , Aimin Yang , Yongmei Zhou

Training safe LLMs remains a critical challenge. The most widely used method, Refusal Training (RT), struggles to generalize against various Out-of-Distribution (OOD) jailbreaking attacks. Although various advanced methods have been…

Machine Learning · Computer Science 2025-06-02 Haoyu Wang , Zeyu Qin , Li Shen , Xueqian Wang , Dacheng Tao , Minhao Cheng

Large Language Models face security threats from jailbreak attacks. Existing research has predominantly focused on prompt-level attacks while largely ignoring the underexplored attack surface of user-controlled response prefilling. This…

Cryptography and Security · Computer Science 2025-08-27 Yakai Li , Jiekang Hu , Weiduan Sang , Luping Ma , Dongsheng Nie , Weijuan Zhang , Aimin Yu , Yi Su , Qingjia Huang , Qihang Zhou

Although Large Language Models (LLMs) have demonstrated significant capabilities in executing complex tasks in a zero-shot manner, they are susceptible to jailbreak attacks and can be manipulated to produce harmful outputs. Recently, a…

Cryptography and Security · Computer Science 2024-11-07 Zhao Xu , Fan Liu , Hao Liu

We show that even the most recent safety-aligned LLMs are not robust to simple adaptive jailbreaking attacks. First, we demonstrate how to successfully leverage access to logprobs for jailbreaking: we initially design an adversarial prompt…

Cryptography and Security · Computer Science 2025-04-21 Maksym Andriushchenko , Francesco Croce , Nicolas Flammarion

Safety alignment mechanism are essential for preventing large language models (LLMs) from generating harmful information or unethical content. However, cleverly crafted prompts can bypass these safety measures without accessing the model's…

Computation and Language · Computer Science 2025-01-31 Sunbowen Lee , Shiwen Ni , Chi Wei , Shuaimin Li , Liyang Fan , Ahmadreza Argha , Hamid Alinejad-Rokny , Ruifeng Xu , Yicheng Gong , Min Yang