English
Related papers

Related papers: SeqAR: Jailbreak LLMs with Sequential Auto-Generat…

200 papers

Multimodal Large Language Models (MLLMs) extend text-only LLMs with visual reasoning, but also introduce new safety failure modes under visually grounded instructions. We study comic-template jailbreaks that embed harmful goals inside…

Cryptography and Security · Computer Science 2026-04-24 Rui Yang Tan , Yujia Hu , Roy Ka-Wei Lee

This paper introduces Jailbreak-Zero, a novel red teaming methodology that shifts the paradigm of Large Language Model (LLM) safety evaluation from a constrained example-based approach to a more expansive and effective policy-based…

Computation and Language · Computer Science 2026-01-08 Kai Hu , Abhinav Aggarwal , Mehran Khodabandeh , David Zhang , Eric Hsin , Li Chen , Ankit Jain , Matt Fredrikson , Akash Bharadwaj

Jailbreak attacks to Large audio-language models (LALMs) are studied recently, but they exclusively focused on the attack scenario where the adversary can fully manipulate user prompts (named strong adversary) and limited in effectiveness,…

Cryptography and Security · Computer Science 2026-02-04 Guangke Chen , Fu Song , Zhe Zhao , Xiaojun Jia , Yang Liu , Yanchen Qiao , Weizhe Zhang , Weiping Tu , Yuhong Yang , Bo Du

In this study, we introduce RePD, an innovative attack Retrieval-based Prompt Decomposition framework designed to mitigate the risk of jailbreak attacks on large language models (LLMs). Despite rigorous pretraining and finetuning focused on…

Cryptography and Security · Computer Science 2024-12-02 Peiran Wang , Xiaogeng Liu , Chaowei Xiao

Large Language Models (LLMs) are commonly evaluated for robustness against paraphrased or semantically equivalent jailbreak prompts, yet little attention has been paid to linguistic variation as an attack surface. In this work, we…

Computation and Language · Computer Science 2025-11-14 Srikant Panda , Avinash Rai

Safety-aligned LLMs respond to prompts with either compliance or refusal, each corresponding to distinct directions in the model's activation space. Recent works show that initializing attacks via self-transfer from other prompts…

Cryptography and Security · Computer Science 2025-10-09 Amit Levi , Rom Himelstein , Yaniv Nemcovsky , Avi Mendelson , Chaim Baskin

This paper focuses on jailbreaking attacks against multi-modal large language models (MLLMs), seeking to elicit MLLMs to generate objectionable responses to harmful user queries. A maximum likelihood-based algorithm is proposed to find an…

Machine Learning · Computer Science 2024-02-07 Zhenxing Niu , Haodong Ren , Xinbo Gao , Gang Hua , Rong Jin

Despite their demonstrated valuable capabilities, state-of-the-art (SOTA) widely deployed large language models (LLMs) still have the potential to cause harm to society due to the ineffectiveness of their safety filters, which can be…

Large language models (LLMs) have revolutionized software development through AI-assisted coding tools, enabling developers with limited programming expertise to create sophisticated applications. However, this accessibility extends to…

Cryptography and Security · Computer Science 2025-12-25 Yifan Huang , Xiaojun Jia , Wenbo Guo , Yuqiang Sun , Yihao Huang , Chong Wang , Yang Liu

Large Language Models (LLMs) are increasingly susceptible to jailbreak attacks, which are adversarial prompts that bypass alignment constraints and induce unauthorized or harmful behaviors. These vulnerabilities undermine the safety,…

Machine Learning · Computer Science 2025-09-30 Javad Forough , Mohammad Maheri , Hamed Haddadi

Jailbreak attacks expose a persistent gap between the intended safety behavior of aligned large language models and their behavior under adversarial prompting. Existing automated methods are increasingly effective but each commits to a…

Computation and Language · Computer Science 2026-05-21 Abdullah Al Nomaan Nafi , Fnu Suya , Swarup Bhunia , Prabuddha Chakraborty

As large language models (LLMs) advance, ensuring AI safety and alignment is paramount. One popular approach is prompt guards, lightweight mechanisms designed to filter malicious queries while being easy to implement and update. In this…

Machine Learning · Computer Science 2025-10-08 Jaiden Fairoze , Sanjam Garg , Keewoo Lee , Mingyuan Wang

Adversarial prompts generated using gradient-based methods exhibit outstanding performance in performing automatic jailbreak attacks against safety-aligned LLMs. Nevertheless, due to the discrete nature of texts, the input gradient of LLMs…

Cryptography and Security · Computer Science 2024-11-04 Qizhang Li , Yiwen Guo , Wangmeng Zuo , Hao Chen

Jailbreaking -- bypassing built-in safety mechanisms in AI models -- has traditionally required complex technical procedures or specialized human expertise. In this study, we show that the persuasive capabilities of large reasoning models…

Computation and Language · Computer Science 2026-02-10 Thilo Hagendorff , Erik Derner , Nuria Oliver

The systems and software powered by Large Language Models (LLMs) and Multi-Modal LLMs (MLLMs) have played a critical role in numerous scenarios. However, current LLM systems are vulnerable to prompt-based attacks, with jailbreaking attacks…

Cryptography and Security · Computer Science 2025-03-18 Xiaoyu Zhang , Cen Zhang , Tianlin Li , Yihao Huang , Xiaojun Jia , Ming Hu , Jie Zhang , Yang Liu , Shiqing Ma , Chao Shen

With the rapid advancements in Multimodal Large Language Models (MLLMs), securing these models against malicious inputs while aligning them with human values has emerged as a critical challenge. In this paper, we investigate an important…

Cryptography and Security · Computer Science 2024-11-26 Weidi Luo , Siyuan Ma , Xiaogeng Liu , Xiaoyu Guo , Chaowei Xiao

Jailbreak attacks represent one of the most sophisticated threats to the security of large language models (LLMs). To deal with such risks, we introduce an innovative framework that can help evaluate the effectiveness of jailbreak attacks…

Computation and Language · Computer Science 2025-03-19 Dong Shu , Chong Zhang , Mingyu Jin , Zihao Zhou , Lingyao Li , Yongfeng Zhang

Large Language Models (LLMs) are susceptible to generating harmful content when prompted with carefully crafted inputs, a vulnerability known as LLM jailbreaking. As LLMs become more powerful, studying jailbreak methods is critical to…

Computation and Language · Computer Science 2025-01-07 Hao Wang , Hao Li , Junda Zhu , Xinyuan Wang , Chengwei Pan , MinLie Huang , Lei Sha

Large Language Models (LLMs) are increasingly vulnerable to a sophisticated form of adversarial prompting known as camouflaged jailbreaking. This method embeds malicious intent within seemingly benign language to evade existing safety…

Cryptography and Security · Computer Science 2025-09-09 Youjia Zheng , Mohammad Zandsalimy , Shanu Sushmita

Despite extensive pre-training in moral alignment to prevent generating harmful information, large language models (LLMs) remain vulnerable to jailbreak attacks. In this paper, we propose AutoDefense, a multi-agent defense framework that…

Machine Learning · Computer Science 2024-11-15 Yifan Zeng , Yiran Wu , Xiao Zhang , Huazheng Wang , Qingyun Wu