English
Related papers

Related papers: Dynamic Target Attack

200 papers

Large Language Models (LLMs) are increasingly integrated into high-stakes applications, making robust safety guarantees a central practical and commercial concern. Existing safety evaluations predominantly rely on fixed collections of…

Computation and Language · Computer Science 2026-03-23 Zafir Shamsi , Nikhil Chekuru , Zachary Guzman , Shivank Garg

Modern large language model (LLM) developers typically conduct a safety alignment to prevent an LLM from generating unethical or harmful content. Recent studies have discovered that the safety alignment of LLMs can be bypassed by…

Cryptography and Security · Computer Science 2024-06-14 Xuan Chen , Yuzhou Nie , Lu Yan , Yunshu Mao , Wenbo Guo , Xiangyu Zhang

Jailbreak attacks exploit specific prompts to bypass LLM safeguards, causing the LLM to generate harmful, inappropriate, and misaligned content. Current jailbreaking methods rely heavily on carefully designed system prompts and numerous…

Cryptography and Security · Computer Science 2025-02-11 Buyun Liang , Kwan Ho Ryan Chan , Darshan Thaker , Jinqi Luo , René Vidal

Efficient red-teaming method to uncover vulnerabilities in Large Language Models (LLMs) is crucial. While recent attacks often use LLMs as optimizers, the discrete language space make gradient-based methods struggle. We introduce LARGO…

Machine Learning · Computer Science 2025-05-19 Ran Li , Hao Wang , Chengzhi Mao

Jailbreak vulnerabilities in Large Language Models (LLMs) refer to methods that extract malicious content from the model by carefully crafting prompts or suffixes, which has garnered significant attention from the research community.…

Cryptography and Security · Computer Science 2024-09-13 Lijia Lv , Weigang Zhang , Xuehai Tang , Jie Wen , Feng Liu , Jizhong Han , Songlin Hu

Direct Preference Optimization (DPO) is an efficient alignment technique that steers LLMs towards preferable outputs by training on preference data, bypassing the need for explicit reward models. Its simplicity enables easy adaptation to…

Large language models (LLMs) excel in various tasks but remain vulnerable to jailbreak attacks, where adversaries manipulate prompts to generate harmful outputs. Examining jailbreak prompts helps uncover the shortcomings of LLMs. However,…

Computation and Language · Computer Science 2024-12-18 Weixiong Zheng , Peijian Zeng , Yiwei Li , Hongyan Wu , Nankai Lin , Junhao Chen , Aimin Yang , Yongmei Zhou

As Large Language Models (LLMs) are widely used, understanding them systematically is key to improving their safety and realizing their full potential. Although many models are aligned using techniques such as reinforcement learning from…

Machine Learning · Computer Science 2025-05-16 Sajib Biswas , Mao Nishino , Samuel Jacob Chacko , Xiuwen Liu

Recent studies developed jailbreaking attacks, which construct jailbreaking prompts to fool LLMs into responding to harmful questions. Early-stage jailbreaking attacks require access to model internals or significant human efforts. More…

Cryptography and Security · Computer Science 2025-01-28 Xuan Chen , Yuzhou Nie , Wenbo Guo , Xiangyu Zhang

Extensive work has been devoted to improving the safety mechanism of Large Language Models (LLMs). However, LLMs still tend to generate harmful responses when faced with malicious instructions, a phenomenon referred to as "Jailbreak…

Computation and Language · Computer Science 2024-02-26 Yanrui Du , Sendong Zhao , Ming Ma , Yuhan Chen , Bing Qin

Many recent studies showed that LLMs are vulnerable to jailbreak attacks, where an attacker can perturb the input of an LLM to induce it to generate an output for a harmful question. In general, existing jailbreak techniques either optimize…

Cryptography and Security · Computer Science 2025-11-27 Yanting Wang , Runpeng Geng , Jinghui Chen , Minhao Cheng , Jinyuan Jia

To circumvent the alignment of large language models (LLMs), current optimization-based adversarial attacks usually craft adversarial prompts by maximizing the likelihood of a so-called affirmative response. An affirmative response is a…

Recent work on adversarial attack has shown that Projected Gradient Descent (PGD) Adversary is a universal first-order adversary, and the classifier adversarially trained by PGD is robust against a wide range of first-order attacks. It is…

Machine Learning · Computer Science 2018-12-07 Tianhang Zheng , Changyou Chen , Kui Ren

Jailbreak attacks against large language models (LLMs) aim to induce harmful behaviors in LLMs through carefully crafted adversarial prompts. To mitigate attacks, one way is to perform adversarial training (AT)-based alignment, i.e.,…

Machine Learning · Computer Science 2026-02-03 Shaopeng Fu , Liang Ding , Jingfeng Zhang , Di Wang

Automatic adversarial prompt generation provides remarkable success in jailbreaking safely-aligned large language models (LLMs). Existing gradient-based attacks, while demonstrating outstanding performance in jailbreaking white-box LLMs,…

Machine Learning · Computer Science 2025-01-22 Qizhang Li , Xiaochen Yang , Wangmeng Zuo , Yiwen Guo

Deep reinforcement learning (DRL) has emerged as a promising approach for robotic control, but its realworld deployment remains challenging due to its vulnerability to environmental perturbations. Existing white-box adversarial attack…

Machine Learning · Computer Science 2025-03-28 Zongyuan Zhang , Tianyang Duan , Zheng Lin , Dong Huang , Zihan Fang , Zekai Sun , Ling Xiong , Hongbin Liang , Heming Cui , Yong Cui , Yue Gao

Existing black-box jailbreak attacks achieve certain success on non-reasoning models but degrade significantly on recent SOTA reasoning models. To improve attack ability, inspired by adversarial aggregation strategies, we integrate multiple…

Computation and Language · Computer Science 2026-01-08 Chiyu Zhang , Lu Zhou , Xiaogang Xu , Jiafei Wu , Liming Fang , Zhe Liu

Domain adaptation (DA) enables knowledge transfer from a labeled source domain to an unlabeled target domain by reducing the cross-domain distribution discrepancy. Most prior DA approaches leverage complicated and powerful deep neural…

Computer Vision and Pattern Recognition · Computer Science 2021-03-31 Shuang Li , Jinming Zhang , Wenxuan Ma , Chi Harold Liu , Wei Li

Recent research has shown that Large Language Models (LLMs) are vulnerable to automated jailbreak attacks, where adversarial suffixes crafted by algorithms appended to harmful queries bypass safety alignment and trigger unintended…

Computation and Language · Computer Science 2025-11-10 Chung-En Sun , Xiaodong Liu , Weiwei Yang , Tsui-Wei Weng , Hao Cheng , Aidan San , Michel Galley , Jianfeng Gao

Transfer-based adversarial attacks raise a severe threat to real-world deep learning systems since they do not require access to target models. Adversarial training (AT), which is recognized as the strongest defense against white-box…

Cryptography and Security · Computer Science 2023-10-17 Yulong Yang , Chenhao Lin , Xiang Ji , Qiwei Tian , Qian Li , Hongshan Yang , Zhibo Wang , Chao Shen