English
Related papers

Related papers: Dynamic Target Attack

200 papers

Existing gradient-based jailbreak attacks on Large Language Models (LLMs) typically optimize adversarial suffixes to align the LLM output with predefined target responses. However, restricting the objective as inducing fixed targets…

Cryptography and Security · Computer Science 2026-03-03 Xinzhe Huang , Wenjing Hu , Tianhang Zheng , Kedong Xiu , Xiaojun Jia , Di Wang , Zhan Qin , Kui Ren

Gradient optimization-based adversarial attack methods automate the learning of adversarial triggers to generate jailbreak prompts or leak system prompts. In this work, we take a closer look at the optimization objective of adversarial…

Machine Learning · Computer Science 2025-11-21 Zhe Wang , Yanjun Qi

In generating adversarial examples, the conventional black-box attack methods rely on sufficient feedback from the to-be-attacked models by repeatedly querying until the attack is successful, which usually results in thousands of trials…

Computer Vision and Pattern Recognition · Computer Science 2023-12-13 Renyang Liu , Wei Zhou , Xin Jin , Song Gao , Yuanyu Wang , Ruxin Wang

Adversarial prompts generated using gradient-based methods exhibit outstanding performance in performing automatic jailbreak attacks against safety-aligned LLMs. Nevertheless, due to the discrete nature of texts, the input gradient of LLMs…

Cryptography and Security · Computer Science 2024-11-04 Qizhang Li , Yiwen Guo , Wangmeng Zuo , Hao Chen

While Large Language Models (LLMs) have achieved tremendous success in various applications, they are also susceptible to jailbreaking attacks. Several primary defense strategies have been proposed to protect LLMs from producing harmful…

Machine Learning · Computer Science 2024-11-01 Yichuan Mo , Yuji Wang , Zeming Wei , Yisen Wang

As LLMs become more common, non-expert users can pose risks, prompting extensive research into jailbreak attacks. However, most existing black-box jailbreak attacks rely on hand-crafted heuristics or narrow search spaces, which limit…

Cryptography and Security · Computer Science 2025-11-21 Zhen Sun , Zongmin Zhang , Deqi Liang , Han Sun , Yule Liu , Yun Shen , Xiangshan Gao , Yilong Yang , Shuai Liu , Yutao Yue , Xinlei He

Large language models (LLMs) have achieved remarkable success across diverse applications but remain vulnerable to jailbreak attacks, where attackers craft prompts that bypass safety alignment and elicit unsafe responses. Among existing…

Computation and Language · Computer Science 2026-03-04 Zhi Xu , Jiaqi Li , Xiaotong Zhang , Hong Yu , Han Liu

Jailbreaks are adversarial attacks designed to bypass the built-in safety mechanisms of large language models. Automated jailbreaks typically optimize an adversarial suffix or adapt long prompt templates by forcing the model to generate the…

Computation and Language · Computer Science 2025-10-31 Raffaele Mura , Giorgio Piras , Kamilė Lukošiūtė , Maura Pintor , Amin Karbasi , Battista Biggio

As large language models (LLMs) are increasingly deployed in critical applications, ensuring their robustness and safety alignment remains a major challenge. Despite the overall success of alignment techniques such as reinforcement learning…

Machine Learning · Computer Science 2025-08-21 Sajib Biswas , Mao Nishino , Samuel Jacob Chacko , Xiuwen Liu

Safety, security, and compliance are essential requirements when aligning large language models (LLMs). However, many seemingly aligned LLMs are soon shown to be susceptible to jailbreak attacks. These attacks aim to circumvent the models'…

Cryptography and Security · Computer Science 2025-06-05 Chen Xiong , Xiangyu Qi , Pin-Yu Chen , Tsung-Yi Ho

Iterative jailbreak methods that repeatedly rewrite and input prompts into large language models (LLMs) to induce harmful outputs -- using the model's previous responses to guide each new iteration -- have been found to be a highly…

Computation and Language · Computer Science 2025-10-21 Masahiro Kaneko , Zeerak Talat , Timothy Baldwin

Recent research has focused on exploring the vulnerabilities of Large Language Models (LLMs), aiming to elicit harmful and/or sensitive content from LLMs. However, due to the insufficient research on dual-jailbreaking -- attacks targeting…

Cryptography and Security · Computer Science 2025-10-07 Xinzhe Huang , Kedong Xiu , Tianhang Zheng , Churui Zeng , Wangze Ni , Zhan Qin , Kui Ren , Chun Chen

Existing training-time safety alignment techniques for large language models (LLMs) remain vulnerable to jailbreak attacks. Direct preference optimization (DPO), a widely deployed alignment method, exhibits limitations in both experimental…

Computation and Language · Computer Science 2025-10-31 Xuandong Zhao , Will Cai , Tianneng Shi , David Huang , Licong Lin , Song Mei , Dawn Song

Despite advances in AI alignment, large language models (LLMs) remain vulnerable to adversarial attacks or jailbreaking, in which adversaries can modify prompts to induce unwanted behavior. While some defenses have been proposed, they have…

Machine Learning · Computer Science 2024-11-11 Andy Zhou , Bo Li , Haohan Wang

As large language models(LLMs) become commonplace in practical applications, the security issues of LLMs have attracted societal concerns. Although extensive efforts have been made to safety alignment, LLMs remain vulnerable to jailbreak…

Computation and Language · Computer Science 2024-09-20 Xu Zhang , Dinghao Jing , Xiaojun Wan

Safety-aligned large language models rely on RLHF and instruction tuning to refuse harmful requests, yet the internal mechanisms implementing safety behavior remain poorly understood. We introduce the Attention Redistribution Attack (ARA),…

Cryptography and Security · Computer Science 2026-05-04 Aviral Srivastava , Sourav Panda

Deep neural networks (DNNs) have been widely used in many fields such as images processing, speech recognition; however, they are vulnerable to adversarial examples, and this is a security issue worthy of attention. Because the training…

Cryptography and Security · Computer Science 2019-08-08 Wenjian Luo , Chenwang Wu , Nan Zhou , Li Ni

Jailbreak attack can be used to access the vulnerabilities of Large Language Models (LLMs) by inducing LLMs to generate the harmful content. And the most common method of the attack is to construct semantically ambiguous prompts to confuse…

Cryptography and Security · Computer Science 2025-07-09 Rui Pu , Chaozhuo Li , Rui Ha , Zejian Chen , Litian Zhang , Zheng Liu , Lirong Qiu , Zaisheng Ye

Although safely enhanced Large Language Models (LLMs) have achieved remarkable success in tackling various complex tasks in a zero-shot manner, they remain susceptible to jailbreak attacks, particularly the unknown jailbreak attack. To…

Computation and Language · Computer Science 2024-06-12 Fan Liu , Zhao Xu , Hao Liu

Recent research indicates that large language models (LLMs) are susceptible to jailbreaking attacks that can generate harmful content. This paper introduces a novel token-level attack method, Adaptive Dense-to-Sparse Constrained…

Machine Learning · Computer Science 2025-02-13 Kai Hu , Weichen Yu , Yining Li , Kai Chen , Tianjun Yao , Xiang Li , Wenhe Liu , Lijun Yu , Zhiqiang Shen , Matt Fredrikson
‹ Prev 1 2 3 10 Next ›