English
Related papers

Related papers: Boosting Jailbreak Attack with Momentum

200 papers

As Spoken Language Models (SLMs) integrate speech and text modalities, they inherit the safety vulnerabilities of their LLM backbone and an expanded attack surface. SLMs have been previously shown to be susceptible to jailbreaking, where…

Machine Learning · Computer Science 2026-03-20 Aravind Krishnan , Karolina Stańczak , Dietrich Klakow

Current LLM alignment methods are readily broken through specifically crafted adversarial prompts. While crafting adversarial prompts using discrete optimization is highly effective, such attacks typically use more than 100,000 LLM calls.…

Machine Learning · Computer Science 2025-03-04 Simon Geisler , Tom Wollschläger , M. H. I. Abdalla , Johannes Gasteiger , Stephan Günnemann

Recent research has shown that carefully crafted jailbreak inputs can induce large language models to produce harmful outputs, despite safety measures such as alignment. It is important to anticipate the range of potential Jailbreak attacks…

Cryptography and Security · Computer Science 2025-02-24 Pedram Zaree , Md Abdullah Al Mamun , Quazi Mishkatul Alam , Yue Dong , Ihsen Alouani , Nael Abu-Ghazaleh

As Large Language Models (LLMs) are increasingly being deployed in safety-critical applications, their vulnerability to potential jailbreaks -- malicious prompts that can disable the safety mechanism of LLMs -- has attracted growing…

Cryptography and Security · Computer Science 2024-08-08 Jiahao Zhang , Zilong Wang , Ruofan Wang , Xingjun Ma , Yu-Gang Jiang

While most LLMs are autoregressive, diffusion-based LLMs have recently emerged as an alternative method for generation. Greedy Coordinate Gradient (GCG) attacks have proven effective against autoregressive models, but their applicability to…

Machine Learning · Computer Science 2026-01-22 Ruben Neyroud , Sam Corley

Large Language Models (LLMs) are widely deployed in diverse real-world settings, yet remain vulnerable to jailbreaking, where prompt-based attacks bypass safety filters. We present THREAT (Targeted Harmful generation via Reframing and…

Cryptography and Security · Computer Science 2026-05-22 Shahnewaz Karim Sakib , Swati Kar , Anindya Bijoy Das

Despite advances in AI alignment, large language models (LLMs) remain vulnerable to adversarial attacks or jailbreaking, in which adversaries can modify prompts to induce unwanted behavior. While some defenses have been proposed, they have…

Machine Learning · Computer Science 2024-11-11 Andy Zhou , Bo Li , Haohan Wang

Large Language Models (LLMs) increasingly rely on automatic prompt engineering in graphical user interfaces (GUIs) to refine user inputs and enhance response accuracy. However, the diversity of user requirements often leads to unintended…

Computation and Language · Computer Science 2025-06-24 Chong Zhang , Xiang Li , Jia Wang , Shan Liang , Haochen Xue , Xiaobo Jin

Ensuring the safety and alignment of large language models (LLMs) with human values is crucial for generating responses that are beneficial to humanity. While LLMs have the capability to identify and avoid harmful queries, they remain…

Computation and Language · Computer Science 2024-10-22 Yihua Zhou , Xiaochuan Shi

Existing gradient-based jailbreak attacks on Large Language Models (LLMs) typically optimize adversarial suffixes to align the LLM output with predefined target responses. However, restricting the objective as inducing fixed targets…

Cryptography and Security · Computer Science 2026-03-03 Xinzhe Huang , Wenjing Hu , Tianhang Zheng , Kedong Xiu , Xiaojun Jia , Di Wang , Zhan Qin , Kui Ren

As large language models (LLMs) are increasingly deployed in critical applications, ensuring their robustness and safety alignment remains a major challenge. Despite the overall success of alignment techniques such as reinforcement learning…

Machine Learning · Computer Science 2025-08-21 Sajib Biswas , Mao Nishino , Samuel Jacob Chacko , Xiuwen Liu

While multimodal large language models (MLLMs) have achieved remarkable success in recent advancements, their susceptibility to jailbreak attacks has come to light. In such attacks, adversaries exploit carefully crafted prompts to coerce…

Cryptography and Security · Computer Science 2025-02-04 Ziyi Yin , Yuanpu Cao , Han Liu , Ting Wang , Jinghui Chen , Fenhlong Ma

Multimodal Large Language Models (MLLMs) have become widely deployed, yet their safety alignment remains fragile under adversarial inputs. Previous work has shown that increasing inference steps can disrupt safety mechanisms and lead MLLMs…

Computer Vision and Pattern Recognition · Computer Science 2026-04-17 Xiangdong Hu , Yangyang Jiang , Qin Hu , Xiaojun Jia

Iterative jailbreak methods that repeatedly rewrite and input prompts into large language models (LLMs) to induce harmful outputs -- using the model's previous responses to guide each new iteration -- have been found to be a highly…

Computation and Language · Computer Science 2025-10-21 Masahiro Kaneko , Zeerak Talat , Timothy Baldwin

Large Language Models (LLMs) are becoming a prominent generative AI tool, where the user enters a query and the LLM generates an answer. To reduce harm and misuse, efforts have been made to align these LLMs to human values using advanced…

Cryptography and Security · Computer Science 2024-11-08 Xiaomeng Hu , Pin-Yu Chen , Tsung-Yi Ho

Jailbreak attacks represent one of the most sophisticated threats to the security of large language models (LLMs). To deal with such risks, we introduce an innovative framework that can help evaluate the effectiveness of jailbreak attacks…

Computation and Language · Computer Science 2025-03-19 Dong Shu , Chong Zhang , Mingyu Jin , Zihao Zhou , Lingyao Li , Yongfeng Zhang

As large language models (LLMs) grow more capable, they face growing vulnerability to sophisticated jailbreak attacks. While developers invest heavily in alignment finetuning and safety guardrails, researchers continue publishing novel…

Cryptography and Security · Computer Science 2025-08-14 Boyuan Chen , Minghao Shao , Abdul Basit , Siddharth Garg , Muhammad Shafique

In this study, we disclose a worrying new vulnerability in Large Language Models (LLMs), which we term \textbf{involuntary jailbreak}. Unlike existing jailbreak attacks, this weakness is distinct in that it does not involve a specific…

Cryptography and Security · Computer Science 2025-12-30 Yangyang Guo , Yangyan Li , Mohan Kankanhalli

Despite explicit alignment efforts for large language models (LLMs), they can still be exploited to trigger unintended behaviors, a phenomenon known as "jailbreaking." Current jailbreak attack methods mainly focus on discrete prompt…

Cryptography and Security · Computer Science 2025-02-18 Guanghao Zhou , Panjia Qiu , Mingyuan Fan , Cen Chen , Mingyuan Chu , Xin Zhang , Jun Zhou

To circumvent the alignment of large language models (LLMs), current optimization-based adversarial attacks usually craft adversarial prompts by maximizing the likelihood of a so-called affirmative response. An affirmative response is a…