English
Related papers

Related papers: Dynamic Target Attack

200 papers

We introduce LLMStinger, a novel approach that leverages Large Language Models (LLMs) to automatically generate adversarial suffixes for jailbreak attacks. Unlike traditional methods, which require complex prompt engineering or white-box…

Machine Learning · Computer Science 2026-01-29 Piyush Jha , Arnav Arora , Vijay Ganesh

Backdoor attacks against pre-trained models (PTMs) have traditionally operated under an ``immediacy assumption,'' where malicious behavior manifests instantly upon trigger occurrence. This work revisits and challenges this paradigm by…

Cryptography and Security · Computer Science 2026-03-13 Zikang Ding , Haomiao Yang , Meng Hao , Wenbo Jiang , Kunlan Xiang , Runmeng Du , Yijing Liu , Ruichen Zhang , Dusit Niyato

Autonomous UAV navigation using reinforcement learning (RL) is vulnerable to adversarial attacks that manipulate sensor inputs, potentially leading to unsafe behavior and mission failure. Although robust RL methods provide partial…

Machine Learning · Computer Science 2025-12-16 Deepak Kumar Panda , Weisi Guo

Content Warning: This paper may contain unsafe or harmful content generated by LLMs that may be offensive to readers. Large Language Models (LLMs) increasingly serve as tooling platforms through structured output APIs, but the…

Cryptography and Security · Computer Science 2026-05-22 Shuoming Zhang , Jiacheng Zhao , Hanyuan Dong , Ruiyuan Xu , Zhicheng Li , Yangyu Zhang , Shuaijiang Li , Yuan Wen , Chunwei Xia , Zheng Wang , Xiaobing Feng , Huimin Cui

Despite extensive safety alignment, Large Language Models (LLMs) remain vulnerable to jailbreak attacks. However, existing methods generally lack the capability for continuous learning and self-evolution from interactions, limiting the…

Cryptography and Security · Computer Science 2026-04-21 Xu Liu , Yan Chen , Kan Ling , Yichi Zhu , Hengrun Zhang , Guisheng Fan , Huiqun Yu

In the realm of black-box jailbreak attacks on large language models (LLMs), the feasibility of constructing a narrow safety proxy, a lightweight model designed to predict the attack success rate (ASR) of adversarial prompts, remains…

Cryptography and Security · Computer Science 2025-12-01 Tianyu Zhang , Zihang Xi , Jingyu Hua , Sheng Zhong

Evaluating and predicting the performance of large language models (LLMs) in multi-turn conversational settings is critical yet computationally expensive; key events -- e.g., jailbreaks or successful task completion by an agent -- often…

Machine Learning · Computer Science 2026-05-08 Shai Feldman , Yaniv Romano

Recently, test-time adaptation (TTA) has been proposed as a promising solution for addressing distribution shifts. It allows a base model to adapt to an unforeseen distribution during inference by leveraging the information from the batch…

Machine Learning · Computer Science 2023-02-07 Tong Wu , Feiran Jia , Xiangyu Qi , Jiachen T. Wang , Vikash Sehwag , Saeed Mahloujifar , Prateek Mittal

Large language model (LLM) safety is a critical issue, with numerous studies employing red team testing to enhance model security. Among these, jailbreak methods explore potential vulnerabilities by crafting malicious prompts that induce…

Computation and Language · Computer Science 2025-03-07 Honglin Mu , Han He , Yuxin Zhou , Yunlong Feng , Yang Xu , Libo Qin , Xiaoming Shi , Zeming Liu , Xudong Han , Qi Shi , Qingfu Zhu , Wanxiang Che

Adversarial attack algorithms are dominated by penalty methods, which are slow in practice, or more efficient distance-customized methods, which are heavily tailored to the properties of the distance considered. We propose a white-box…

Machine Learning · Computer Science 2021-08-20 Jérôme Rony , Eric Granger , Marco Pedersoli , Ismail Ben Ayed

While significant attention has been dedicated to exploiting weaknesses in LLMs through jailbreaking attacks, there remains a paucity of effort in defending against these attacks. We point out a pivotal factor contributing to the success of…

Computation and Language · Computer Science 2024-06-13 Zhexin Zhang , Junxiao Yang , Pei Ke , Fei Mi , Hongning Wang , Minlie Huang

Dynamic difficulty adjustment ($DDA$) is a process of automatically changing a game difficulty for the optimization of user experience. It is a vital part of almost any modern game. Most existing DDA approaches concentrate on the experience…

Machine Learning · Computer Science 2021-06-08 Dvir Ben Or , Michael Kolomenkin , Gil Shabat

Semantic segmentation is a fundamental visual task that finds extensive deployment in applications with security-sensitive considerations. Nonetheless, recent work illustrates the adversarial vulnerability of semantic segmentation models to…

Computer Vision and Pattern Recognition · Computer Science 2024-02-05 Zhaoyu Chen , Zhengyang Shan , Jingwen Chang , Kaixun Jiang , Dingkang Yang , Yiting Cheng , Wenqiang Zhang

Trajectory prediction systems are critical for autonomous vehicle safety, yet remain vulnerable to adversarial attacks that can cause catastrophic traffic behavior misinterpretations. Existing attack methods require white-box access with…

Robotics · Computer Science 2026-03-30 Jiaxiang Li , Jun Yan , Daniel Watzenig , Huilin Yin

Ensuring LLM alignment is critical to information security as AI models become increasingly widespread and integrated in society. Unfortunately, many defenses against adversarial attacks and jailbreaking on LLMs cannot adapt quickly to new…

Cryptography and Security · Computer Science 2025-08-12 Ivan Zhang

With the advancement of vision transformers (ViTs) and self-supervised learning (SSL) techniques, pre-trained large ViTs have become the new foundation models for computer vision applications. However, studies have shown that, like…

Computer Vision and Pattern Recognition · Computer Science 2024-08-06 Weijie Zheng , Xingjun Ma , Hanxun Huang , Zuxuan Wu , Yu-Gang Jiang

Deep reinforcement learning (DRL) has made significant achievements in many real-world applications. But these real-world applications typically can only provide partial observations for making decisions due to occlusions and noisy sensors.…

Machine Learning · Computer Science 2022-12-13 Yinbo Yu , Jiajia Liu , Shouqing Li , Kepu Huang , Xudong Feng

Jailbreak attacks on large language models (LLMs) aim to induce LLMs to produce content that they are expected to refuse. Automated black-box jailbreak generation is especially important for safety evaluation, where the attacker observes…

Cryptography and Security · Computer Science 2026-05-29 Junke Zhang , Jianwei Wang , Sishuo Chen , Yizhang He , Qingshuai Feng , Zhengyi Yang

Decision-based methods have shown to be effective in black-box adversarial attacks, as they can obtain satisfactory performance and only require to access the final model prediction. Gradient estimation is a critical step in black-box…

Machine Learning · Computer Science 2023-10-31 Han Liu , Xingshuo Huang , Xiaotong Zhang , Qimai Li , Fenglong Ma , Wei Wang , Hongyang Chen , Hong Yu , Xianchao Zhang

Large language models (LLMs) have been widely adopted in applications such as automated content generation and even critical decision-making systems. However, the risk of prompt injection allows for potential manipulation of LLM outputs.…

Computation and Language · Computer Science 2024-11-25 Jiashuo Liang , Guancheng Li , Yang Yu