English
Related papers

Related papers: Jailbreaking as a Reward Misspecification Problem

200 papers

Large Language Models (LLMs) suffer from a range of vulnerabilities that allow malicious users to solicit undesirable responses through manipulation of the input text. These so-called jailbreak prompts are designed to trick the LLM into…

Computation and Language · Computer Science 2025-10-13 John Hawkins , Aditya Pramar , Rodney Beard , Rohitash Chandra

Large language models (LLMs) have demonstrated remarkable capabilities across a wide range of tasks, yet they often refuse to answer legitimate queries--a phenomenon known as overrefusal. Overrefusal typically stems from over-conservative…

Artificial Intelligence · Computer Science 2025-09-18 Licheng Pan , Yongqi Tong , Xin Zhang , Xiaolu Zhang , Jun Zhou , Zhixuan Chu

Large language models (LLMs) are trained on a deluge of text data with limited quality control. As a result, LLMs can exhibit unintended or even harmful behaviours, such as leaking information, fake news or hate speech. Countermeasures,…

Machine Learning · Computer Science 2024-08-05 Jingtong Su , Julia Kempe , Karen Ullrich

In recent years, the rapid development of large language models (LLMs) has achieved remarkable performance across various tasks. However, research indicates that LLMs are vulnerable to jailbreak attacks, where adversaries can induce the…

Cryptography and Security · Computer Science 2024-08-23 Jiawei Zhao , Kejiang Chen , Xiaojian Yuan , Weiming Zhang

Large language models (LLMs) have demonstrated remarkable capabilities, yet they also introduce novel security challenges. For instance, prompt jailbreaking attacks involve adversaries crafting sophisticated prompts to elicit responses from…

Artificial Intelligence · Computer Science 2025-09-30 Zhaoqi Wang , Daqing He , Zijian Zhang , Xin Li , Liehuang Zhu , Meng Li , Jiamou Liu

Extensive efforts have been made before the public release of Large language models (LLMs) to align their behaviors with human values. However, even meticulously aligned LLMs remain vulnerable to malicious manipulations such as…

Cryptography and Security · Computer Science 2024-10-01 Zeguan Xiao , Yan Yang , Guanhua Chen , Yun Chen

Despite recent advances, Large Language Models remain vulnerable to jailbreak attacks that bypass alignment safeguards and elicit harmful outputs. While prior research has proposed various attack strategies differing in human readability…

Computation and Language · Computer Science 2025-10-28 Havva Alizadeh Noughabi , Julien Serbanescu , Fattane Zarrinkalam , Ali Dehghantanha

Large language models (LLMs) are increasingly deployed in real-world applications, raising concerns about their security. While jailbreak attacks highlight failures under overtly harmful queries, they overlook a critical risk: incorrectly…

Cryptography and Security · Computer Science 2025-06-10 Yukai Zhou , Sibei Yang , Wenjie Wang

As large language models (LLMs) are increasingly deployed as black-box components in real-world applications, red teaming has become essential for identifying potential risks. It tests LLMs with adversarial prompts to uncover…

Machine Learning · Computer Science 2026-03-25 Jiale Ding , Xiang Zheng , Yutao Wu , Cong Wang , Wei-Bin Lee , Ling Pan , Xingjun Ma , Yu-Gang Jiang

Large Language Model (LLM) alignment remains vulnerable to jailbreak attacks that elicit unsafe responses, motivating pre-model and post-model guards. Pre-model guards audit the safety of prompts before invoking target models. However,…

Cryptography and Security · Computer Science 2026-05-20 Hongyu Cai , Arjun Arunasalam , Yiming Liang , Antonio Bianchi , Z. Berkay Celik

We show that when large language models learn to reward hack on production RL environments, this can result in egregious emergent misalignment. We start with a pretrained model, impart knowledge of reward hacking strategies via synthetic…

We present MultiBreak, a scalable and diverse multi-turn jailbreak benchmark to evaluate large language model (LLM) safety. Multi-turn jailbreaks mimic natural conversational settings, making them easier to bypass safety-aligned LLM than…

Computation and Language · Computer Science 2026-05-05 Jialin Song , Xiaodong Liu , Weiwei Yang , Wuyang Chen , Mingqian Feng , Xuekai Zhu , Jianfeng Gao

The growing integration of Large Language Models (LLMs) into critical societal domains has raised concerns about embedded biases that can perpetuate stereotypes and undermine fairness. Such biases may stem from historical inequalities in…

Computation and Language · Computer Science 2025-10-17 Riccardo Cantini , Alessio Orsino , Massimo Ruggiero , Domenico Talia

Reward hacking -- where RL agents exploit gaps in misspecified reward functions -- has been widely observed, but not yet systematically studied. To understand how reward hacking arises, we construct four RL environments with misspecified…

Machine Learning · Computer Science 2022-02-15 Alexander Pan , Kush Bhatia , Jacob Steinhardt

Jailbreak attacks -- adversarial prompts that bypass LLM alignment through purely linguistic manipulation -- pose a growing operational security threat, yet the field lacks large-scale, reproducible infrastructure for generating,…

Cryptography and Security · Computer Science 2026-05-12 Ismail Hossain , Tanzim Ahad , Md Jahangir Alam , Sai Puppala , Syed Bahauddin Alam , Sajedul Talukder

Large Reasoning Models (LRMs) have demonstrated remarkable capabilities in solving complex problems by generating structured, step-by-step reasoning content. However, exposing a model's internal reasoning process introduces additional…

Artificial Intelligence · Computer Science 2026-05-20 Zheng Lin , Zhenxing Niu , Haoxuan Ji , Yuzhe Huang , Haichang Gao

Recently, advanced Large Language Models (LLMs) such as GPT-4 have been integrated into many real-world applications like Code Copilot. These applications have significantly expanded the attack surface of LLMs, exposing them to a variety of…

Cryptography and Security · Computer Science 2024-07-24 Huiyu Xu , Wenhui Zhang , Zhibo Wang , Feng Xiao , Rui Zheng , Yunhe Feng , Zhongjie Ba , Kui Ren

The increasing sophistication of large vision-language models (LVLMs) has been accompanied by advances in safety alignment mechanisms designed to prevent harmful content generation. However, these defenses remain vulnerable to sophisticated…

Cryptography and Security · Computer Science 2026-04-09 Quanchen Zou , Zonghao Ying , Moyang Chen , Wenzhuo Xu , Yisong Xiao , Yakai Li , Deyue Zhang , Dongdong Yang , Zhao Liu , Xiangzheng Zhang

Jailbreaks are adversarial attacks designed to bypass the built-in safety mechanisms of large language models. Automated jailbreaks typically optimize an adversarial suffix or adapt long prompt templates by forcing the model to generate the…

Computation and Language · Computer Science 2025-10-31 Raffaele Mura , Giorgio Piras , Kamilė Lukošiūtė , Maura Pintor , Amin Karbasi , Battista Biggio

Large Language Models (LLMs) have revolutionized artificial intelligence, demonstrating remarkable computational power and linguistic capabilities. However, these models are inherently prone to various biases stemming from their training…

Computation and Language · Computer Science 2025-02-14 Riccardo Cantini , Giada Cosenza , Alessio Orsino , Domenico Talia