English
Related papers

Related papers: Refusal-Trained LLMs Are Easily Jailbroken As Brow…

200 papers

Recently, advanced Large Language Models (LLMs) such as GPT-4 have been integrated into many real-world applications like Code Copilot. These applications have significantly expanded the attack surface of LLMs, exposing them to a variety of…

Cryptography and Security · Computer Science 2024-07-24 Huiyu Xu , Wenhui Zhang , Zhibo Wang , Feng Xiao , Rui Zheng , Yunhe Feng , Zhongjie Ba , Kui Ren

The robustness of LLMs to jailbreak attacks, where users design prompts to circumvent safety measures and misuse model capabilities, has been studied primarily for LLMs acting as simple chatbots. Meanwhile, LLM agents -- which use external…

Large Language Models (LLMs) have enabled agents to move beyond conversation toward end-to-end task execution and become more helpful. However, this helpfulness introduces new security risks stem less from direct interface abuse than from…

Cryptography and Security · Computer Science 2026-01-19 Fengchao Chen , Tingmin Wu , Van Nguyen , Carsten Rudolph

Large Language Model (LLM) safeguards, which implement request refusals, have become a widely adopted mitigation strategy against misuse. At the intersection of adversarial machine learning and AI safety, safeguard red teaming has…

Cryptography and Security · Computer Science 2025-06-10 Zifan Wang , Christina Q. Knight , Jeremy Kritz , Willow E. Primack , Julian Michael

Language Models (LMs) often cannot be deployed because of their potential to harm users in hard-to-predict ways. Prior work identifies harmful behaviors before deployment by using human annotators to hand-write test cases. However, human…

Computation and Language · Computer Science 2022-02-08 Ethan Perez , Saffron Huang , Francis Song , Trevor Cai , Roman Ring , John Aslanides , Amelia Glaese , Nat McAleese , Geoffrey Irving

Large language models (LLMs) can often be made to behave in undesirable ways that they are explicitly fine-tuned not to. For example, the LLM red-teaming literature has produced a wide variety of 'jailbreaking' techniques to elicit harmful…

Large language models (LLMs) are increasingly being integrated into web browsers to create agentic browsing systems that execute actions on behalf of the user. Prior work considering the security of agentic browsers focuses exclusively on…

Cryptography and Security · Computer Science 2026-05-08 Sohom Datta , Alex Nahapetyan , William Enck , Alexandros Kapravelos

Recent breakthroughs in natural language processing (NLP) have permitted the synthesis and comprehension of coherent text in an open-ended way, therefore translating the theoretical algorithms into practical applications. The large language…

Computation and Language · Computer Science 2023-05-30 Terry Yue Zhuo , Yujin Huang , Chunyang Chen , Zhenchang Xing

Autonomous browsing agents powered by large language models (LLMs) are increasingly used to automate web-based tasks. However, their reliance on dynamic content, tool execution, and user-provided data exposes them to a broad attack surface.…

Cryptography and Security · Computer Science 2025-05-20 Mykyta Mudryi , Markiyan Chaklosh , Grzegorz Wójcik

When building Large Language Models (LLMs), it is paramount to bear safety in mind and protect them with guardrails. Indeed, LLMs should never generate content promoting or normalizing harmful, illegal, or unethical behavior that may…

Computation and Language · Computer Science 2024-06-25 Simone Tedeschi , Felix Friedrich , Patrick Schramowski , Kristian Kersting , Roberto Navigli , Huu Nguyen , Bo Li

Large Language Models (LLMs) remain susceptible to jailbreak exploits that bypass safety filters and induce harmful or unethical behavior. This work presents a systematic taxonomy of existing jailbreak defenses across prompt-level,…

Cryptography and Security · Computer Science 2025-11-25 Ryan Wong , Hosea David Yu Fei Ng , Dhananjai Sharma , Glenn Jun Jie Ng , Kavishvaran Srinivasan

Large Language Models (LLMs) suffer from a range of vulnerabilities that allow malicious users to solicit undesirable responses through manipulation of the input text. These so-called jailbreak prompts are designed to trick the LLM into…

Computation and Language · Computer Science 2025-10-13 John Hawkins , Aditya Pramar , Rodney Beard , Rohitash Chandra

Large Language Model (LLM) agents are powering a growing share of interactive web applications, yet remain vulnerable to misuse and harm. Prior jailbreak research has largely focused on single-turn prompts, whereas real harassment often…

Artificial Intelligence · Computer Science 2025-10-22 Trilok Padhi , Pinxian Lu , Abdulkadir Erol , Tanmay Sutar , Gauri Sharma , Mina Sonmez , Munmun De Choudhury , Ugur Kursuncu

LLMs are trained to refuse harmful instructions, but do they truly understand harmfulness beyond just refusing? Prior work has shown that LLMs' refusal behaviors can be mediated by a one-dimensional subspace, i.e., a refusal direction. In…

Computation and Language · Computer Science 2025-12-16 Jiachen Zhao , Jing Huang , Zhengxuan Wu , David Bau , Weiyan Shi

Recently, language models like Llama 3.1 Instruct have become increasingly capable of agentic behavior, enabling them to perform tasks requiring short-term planning and tool use. In this study, we apply refusal-vector ablation to Llama 3.1…

Computation and Language · Computer Science 2024-10-16 Simon Lermen , Mateusz Dziemian , Govind Pimpale

Task-oriented LLM-based agents are increasingly used in domains with strict policies, such as refund eligibility or cancellation rules. The challenge lies in ensuring that the agent consistently adheres to these rules and policies,…

Multiagent Systems · Computer Science 2025-08-26 Itay Nakash , George Kour , Koren Lazar , Matan Vetzler , Guy Uziel , Ateret Anaby-Tavor

Large Language Models (LLMs) are increasingly deployed as agentic systems that plan, memorize, and act in open-world environments. This shift brings new security problems: failures are no longer only unsafe text generation, but can become…

Cryptography and Security · Computer Science 2026-03-03 Zhihang Deng , Jiaping Gui , Weinan Zhang

Recently, people have suffered from LLM hallucination and have become increasingly aware of the reliability gap of LLMs in open and knowledge-intensive tasks. As a result, they have increasingly turned to search-augmented LLMs to mitigate…

Computation and Language · Computer Science 2026-02-10 Yu Yan , Sheng Sun , Mingfeng Li , Zheming Yang , Chiwei Zhu , Fei Ma , Benfeng Xu , Min Liu , Qi Li

Solving complex or long-horizon problems often requires large language models (LLMs) to use external tools and operate over a significantly longer context window. New LLMs enable longer context windows and support tool calling capabilities.…

Machine Learning · Computer Science 2025-12-03 Tsimur Hadeliya , Mohammad Ali Jauhar , Nidhi Sakpal , Diogo Cruz

With the widespread application of LLM-based agents across various domains, their complexity has introduced new security threats. Existing red-team methods mostly rely on modifying user prompts, which lack adaptability to new data and may…

Computation and Language · Computer Science 2026-04-14 Yanxu Mao , Peipei Liu , Tiehan Cui , Congying Liu , Mingzhe Xing , Datao You
‹ Prev 1 2 3 10 Next ›