English
Related papers

Related papers: A StrongREJECT for Empty Jailbreaks

200 papers

Jailbreaks have been a central focus of research regarding the safety and reliability of large language models (LLMs), yet the mechanisms underlying these attacks remain poorly understood. While previous studies have predominantly relied on…

Cryptography and Security · Computer Science 2025-11-04 Nathalie Kirch , Constantin Weisser , Severin Field , Helen Yannakoudakis , Stephen Casper

Multi-turn jailbreaks exploit the ability of large language models to accumulate and act on conversational context. Instead of stating a harmful request directly, an attacker can gradually steer the conversation toward an unsafe answer.…

Cryptography and Security · Computer Science 2026-05-13 Xinkai Zhang , Zhipeng Wei , Huanli Gong , Jing Ting Zheng , Yuchen Zhang , Yue Dong , N. Benjamin Erichson

How should we evaluate the robustness of language model defenses? Current defenses against jailbreaks and prompt injections (which aim to prevent an attacker from eliciting harmful knowledge or remotely triggering malicious actions,…

Safety alignment mechanism are essential for preventing large language models (LLMs) from generating harmful information or unethical content. However, cleverly crafted prompts can bypass these safety measures without accessing the model's…

Computation and Language · Computer Science 2025-01-31 Sunbowen Lee , Shiwen Ni , Chi Wei , Shuaimin Li , Liyang Fan , Ahmadreza Argha , Hamid Alinejad-Rokny , Ruifeng Xu , Yicheng Gong , Min Yang

Modern large language model (LLM) developers typically conduct a safety alignment to prevent an LLM from generating unethical or harmful content. Recent studies have discovered that the safety alignment of LLMs can be bypassed by…

Cryptography and Security · Computer Science 2024-06-14 Xuan Chen , Yuzhou Nie , Lu Yan , Yunshu Mao , Wenbo Guo , Xiangyu Zhang

Despite recent advances, Large Language Models remain vulnerable to jailbreak attacks that bypass alignment safeguards and elicit harmful outputs. While prior research has proposed various attack strategies differing in human readability…

Computation and Language · Computer Science 2025-10-28 Havva Alizadeh Noughabi , Julien Serbanescu , Fattane Zarrinkalam , Ali Dehghantanha

The misuse of large language models (LLMs) has drawn significant attention from the general public and LLM vendors. One particular type of adversarial prompt, known as jailbreak prompt, has emerged as the main attack vector to bypass the…

Cryptography and Security · Computer Science 2024-05-16 Xinyue Shen , Zeyuan Chen , Michael Backes , Yun Shen , Yang Zhang

Despite the outstanding performance of Large language Models (LLMs) in diverse tasks, they are vulnerable to jailbreak attacks, wherein adversarial prompts are crafted to bypass their security mechanisms and elicit unexpected responses.…

Cryptography and Security · Computer Science 2025-04-25 Zeqing He , Zhibo Wang , Zhixuan Chu , Huiyu Xu , Wenhui Zhang , Qinglong Wang , Rui Zheng

Accurately determining whether a jailbreak attempt has succeeded is a fundamental yet unresolved challenge. Existing evaluation methods rely on misaligned proxy indicators or naive holistic judgments. They frequently misinterpret model…

Cryptography and Security · Computer Science 2025-08-29 Junjie Chu , Mingjie Li , Ziqing Yang , Ye Leng , Chenhao Lin , Chao Shen , Michael Backes , Yun Shen , Yang Zhang

Jailbreak attacks reveal critical vulnerabilities in Large Language Models (LLMs) by causing them to generate harmful or unethical content. Evaluating these threats is particularly challenging due to the evolving nature of LLMs and the…

Machine Learning · Computer Science 2025-07-11 Peiyan Zhang , Haibo Jin , Liying Kang , Haohan Wang

Large Language Models (LLMs) aligned with human feedback have recently garnered significant attention. However, it remains vulnerable to jailbreak attacks, where adversaries manipulate prompts to induce harmful outputs. Exploring jailbreak…

Cryptography and Security · Computer Science 2024-12-23 Hongyi Li , Jiawei Ye , Jie Wu , Tianjie Yan , Chu Wang , Zhixin Li

Safety alignment approaches in large language models (LLMs) often lead to the over-refusal of benign queries, significantly diminishing their utility in sensitive scenarios. To address this challenge, we introduce FalseReject, a…

Computation and Language · Computer Science 2025-07-16 Zhehao Zhang , Weijie Xu , Fanyou Wu , Chandan K. Reddy

Although Large Language Models (LLMs) have demonstrated significant capabilities in executing complex tasks in a zero-shot manner, they are susceptible to jailbreak attacks and can be manipulated to produce harmful outputs. Recently, a…

Cryptography and Security · Computer Science 2024-11-07 Zhao Xu , Fan Liu , Hao Liu

Although many large language models (LLMs) have been trained to refuse harmful requests, they are still vulnerable to jailbreaking attacks which rewrite the original prompt to conceal its harmful intent. In this paper, we propose a new…

Computation and Language · Computer Science 2024-06-10 Yihan Wang , Zhouxing Shi , Andrew Bai , Cho-Jui Hsieh

Large Language Models (LLMs) have increasingly become pivotal in content generation with notable societal impact. These models hold the potential to generate content that could be deemed harmful.Efforts to mitigate this risk include…

Computation and Language · Computer Science 2024-08-20 Kexin Chen , Yi Liu , Dongxia Wang , Jiaying Chen , Wenhai Wang

Despite the growing interest in jailbreak methods as an effective red-teaming tool for building safe and responsible large language models (LLMs), flawed evaluation system designs have led to significant discrepancies in their effectiveness…

Computation and Language · Computer Science 2025-07-10 Ruixuan Huang , Xunguang Wang , Zongjie Li , Daoyuan Wu , Shuai Wang

The recent explosion in the capabilities of large language models has led to a wave of interest in how best to prompt a model to perform a given task. While it may be tempting to simply choose a prompt based on average performance on a…

Machine Learning · Computer Science 2024-03-29 Thomas P. Zollo , Todd Morrill , Zhun Deng , Jake C. Snell , Toniann Pitassi , Richard Zemel

In this study, we disclose a worrying new vulnerability in Large Language Models (LLMs), which we term \textbf{involuntary jailbreak}. Unlike existing jailbreak attacks, this weakness is distinct in that it does not involve a specific…

Cryptography and Security · Computer Science 2025-12-30 Yangyang Guo , Yangyan Li , Mohan Kankanhalli

Jailbreak attacks aim to exploit large language models (LLMs) by inducing them to generate harmful content, thereby revealing their vulnerabilities. Understanding and addressing these attacks is crucial for advancing the field of LLM…

Cryptography and Security · Computer Science 2026-03-26 Zheng Zhang , Peilin Zhao , Deheng Ye , Hao Wang

As Large Language Models (LLMs) of Prompt Jailbreaking are getting more and more attention, it is of great significance to raise a generalized research paradigm to evaluate attack strengths and a basic model to conduct subtler experiments.…

Cryptography and Security · Computer Science 2024-04-15 Tianyu Zhang , Zixuan Zhao , Jiaqi Huang , Jingyu Hua , Sheng Zhong