English
Related papers

Related papers: Jailbreak Transferability Emerges from Shared Repr…

200 papers

Discrete optimization-based jailbreaking attacks on large language models aim to generate short, nonsensical suffixes that, when appended onto input prompts, elicit disallowed content. Notably, these suffixes are often transferable --…

Computation and Language · Computer Science 2025-10-28 Sarah Ball , Niki Hasrati , Alexander Robey , Avi Schwarzschild , Frauke Kreuter , Zico Kolter , Andrej Risteski

Large language models (LLMs) are susceptible to a type of attack known as jailbreaking, which misleads LLMs to output harmful contents. Although there are diverse jailbreak attack strategies, there is no unified understanding on why some…

Computation and Language · Computer Science 2024-12-04 Yuping Lin , Pengfei He , Han Xu , Yue Xing , Makoto Yamada , Hui Liu , Jiliang Tang

Transferability captures the ability of an attack against a machine-learning model to be effective against a different, potentially unknown, model. Empirical evidence for transferability has been shown in previous work, but the underlying…

Jailbreaking large language models (LLMs) has emerged as a critical security challenge with the widespread deployment of conversational AI systems. Adversarial users exploit these models through carefully crafted prompts to elicit…

Cryptography and Security · Computer Science 2026-02-23 Sri Durga Sai Sowmya Kadali , Evangelos E. Papalexakis

The field of adversarial robustness has long established that adversarial examples can successfully transfer between image classifiers and that text jailbreaks can successfully transfer between language models (LMs). However, a pair of…

Machine Learning · Computer Science 2025-10-06 Isha Gupta , Rylan Schaeffer , Joshua Kazdan , Ken Ziyu Liu , Sanmi Koyejo

State-of-the-art deep neural networks are known to be vulnerable to adversarial examples, formed by applying small but malicious perturbations to the original inputs. Moreover, the perturbations can \textit{transfer across models}:…

Machine Learning · Statistics 2018-02-28 Lei Wu , Zhanxing Zhu , Cheng Tai , Weinan E

Jailbreaking attacks can effectively manipulate open-source large language models (LLMs) to produce harmful responses. However, these attacks exhibit limited transferability, failing to disrupt proprietary LLMs consistently. To reliably…

Machine Learning · Computer Science 2025-05-20 Runqi Lin , Bo Han , Fengwang Li , Tongling Liu

Jailbreaks have been a central focus of research regarding the safety and reliability of large language models (LLMs), yet the mechanisms underlying these attacks remain poorly understood. While previous studies have predominantly relied on…

Cryptography and Security · Computer Science 2025-11-04 Nathalie Kirch , Constantin Weisser , Severin Field , Helen Yannakoudakis , Stephen Casper

Despite the outstanding performance of Large language Models (LLMs) in diverse tasks, they are vulnerable to jailbreak attacks, wherein adversarial prompts are crafted to bypass their security mechanisms and elicit unexpected responses.…

Cryptography and Security · Computer Science 2025-04-25 Zeqing He , Zhibo Wang , Zhixuan Chu , Huiyu Xu , Wenhui Zhang , Qinglong Wang , Rui Zheng

Jailbreaking attacks can effectively induce unsafe behaviors in Large Language Models (LLMs); however, the transferability of these attacks across different models remains limited. This study aims to understand and enhance the…

Machine Learning · Computer Science 2025-03-05 Junxiao Yang , Zhexin Zhang , Shiyao Cui , Hongning Wang , Minlie Huang

Many machine learning models are vulnerable to adversarial examples: inputs that are specially crafted to cause a machine learning model to produce an incorrect output. Adversarial examples that affect one model often affect another model,…

Cryptography and Security · Computer Science 2016-05-25 Nicolas Papernot , Patrick McDaniel , Ian Goodfellow

Large Language Model (LLM) alignment remains vulnerable to jailbreak attacks that elicit unsafe responses, motivating pre-model and post-model guards. Pre-model guards audit the safety of prompts before invoking target models. However,…

Cryptography and Security · Computer Science 2026-05-20 Hongyu Cai , Arjun Arunasalam , Yiming Liang , Antonio Bianchi , Z. Berkay Celik

Vision-language models (VLMs) extend large language models (LLMs) with vision encoders, enabling text generation conditioned on both images and text. However, this multimodal integration expands the attack surface by exposing the model to…

Machine Learning · Computer Science 2026-02-03 Kaiyuan Cui , Yige Li , Yutao Wu , Xingjun Ma , Sarah Erfani , Christopher Leckie , Hanxun Huang

Recent work has developed optimization procedures to find token sequences, called adversarial triggers, which can elicit unsafe responses from aligned language models. These triggers are believed to be highly transferable, i.e., a trigger…

Computation and Language · Computer Science 2025-04-10 Nicholas Meade , Arkil Patel , Siva Reddy

Safety and security remain critical concerns in AI deployment. Despite safety training through reinforcement learning with human feedback (RLHF) [ 32], language models remain vulnerable to jailbreak attacks that bypass safety guardrails.…

Cryptography and Security · Computer Science 2025-04-29 Julien Piet , Xiao Huang , Dennis Jacob , Annabella Chow , Maha Alrashed , Geng Zhao , Zhanhao Hu , Chawin Sitawarin , Basel Alomair , David Wagner

With the rapid advancement of large language models (LLMs), the safety of LLMs has become a critical concern. Despite significant efforts in safety alignment, current LLMs remain vulnerable to jailbreaking attacks. However, the root causes…

Artificial Intelligence · Computer Science 2026-03-10 Yonghong Deng , Zhen Yang , Ping Jian , Xinyue Zhang , Zhongbin Guo , Chengzhi Li

The recent surge in jailbreaking attacks has revealed significant vulnerabilities in Large Language Models (LLMs) when exposed to malicious inputs. While various defense strategies have been proposed to mitigate these threats, there has…

Computation and Language · Computer Science 2025-02-24 Tianlong Li , Zhenghua Wang , Wenhao Liu , Muling Wu , Shihan Dou , Changze Lv , Xiaohua Wang , Xiaoqing Zheng , Xuanjing Huang

Deep learning has achieved great success in computer vision, but remains vulnerable to adversarial attacks. Adversarial training is the leading defense designed to improve model robustness. However, its effect on the transferability of…

Computer Vision and Pattern Recognition · Computer Science 2025-12-15 Mohamed Awad , Mahmoud Akrm , Walid Gomaa

Conversational large language models are trained to refuse to answer harmful questions. However, emergent jailbreaking techniques can still elicit unsafe outputs, presenting an ongoing challenge for model alignment. To better understand how…

Computation and Language · Computer Science 2024-10-08 Sarah Ball , Frauke Kreuter , Nina Panickssery

Despite recent advances, Large Language Models remain vulnerable to jailbreak attacks that bypass alignment safeguards and elicit harmful outputs. While prior research has proposed various attack strategies differing in human readability…

Computation and Language · Computer Science 2025-10-28 Havva Alizadeh Noughabi , Julien Serbanescu , Fattane Zarrinkalam , Ali Dehghantanha
‹ Prev 1 2 3 10 Next ›