English
Related papers

Related papers: Dynamic Target Attack

200 papers

Adversarial examples represent a serious issue for the application of machine learning models in many sensitive domains. For generating adversarial examples, decision based black-box attacks are one of the most practical techniques as they…

Machine Learning · Computer Science 2024-11-20 Nicole Meng , Caleb Manicke , David Chen , Yingjie Lao , Caiwen Ding , Pengyu Hong , Kaleel Mahmood

Test-Time Training (TTT) is an emerging paradigm that enables models to adapt their parameters during inference, improving performance on tasks such as few-shot learning, retrieval-augmented generation, and complex reasoning. However, this…

Machine Learning · Computer Science 2026-05-25 Simone Antonelli , Sadegh Akhondzadeh , Aleksandar Bojchevski

Safety alignment in Large Language Models (LLMs) often creates a systematic discrepancy between a model's aligned output and the underlying pre-aligned data distribution. We propose a framework in which the effect of safety alignment on…

Computation and Language · Computer Science 2026-02-03 Yuxuan Lu , Yongkang Guo , Yuqing Kong

Recently, Large Language Models (LLMs) have made significant advancements and are now widely used across various domains. Unfortunately, there has been a rising concern that LLMs can be misused to generate harmful or malicious content.…

Computation and Language · Computer Science 2024-06-13 Bochuan Cao , Yuanpu Cao , Lu Lin , Jinghui Chen

Test-time adaptation (TTA) addresses distribution shifts for streaming test data in unsupervised settings. Currently, most TTA methods can only deal with minor shifts and rely heavily on heuristic and empirical studies. To advance TTA under…

Machine Learning · Computer Science 2024-04-09 Shurui Gui , Xiner Li , Shuiwang Ji

As the scale and complexity of jailbreaking attacks on large language models (LLMs) continue to escalate, their efficiency and practical applicability are constrained, posing a profound challenge to LLM security. Jailbreaking techniques…

Computation and Language · Computer Science 2025-12-23 Xiang Li , Chong Zhang , Jia Wang , Fangyu Wu , Yushi Li , Xiaobo Jin

Despite significant advancements in deep reinforcement learning (DRL)-based autonomous driving policies, these policies still exhibit vulnerability to adversarial attacks. This vulnerability poses a formidable challenge to the practical…

Machine Learning · Computer Science 2024-12-05 Junchao Fan , Xuyang Lei , Xiaolin Chang , Jelena Mišić , Vojislav B. Mišić

Large Language Models (LLMs) have achieved remarkable success across diverse tasks, yet they remain vulnerable to adversarial attacks, notably the well-known jailbreak attack. In particular, the Greedy Coordinate Gradient (GCG) attack has…

Machine Learning · Computer Science 2025-03-04 Yihao Zhang , Zeming Wei

Robustness of huge Transformer-based models for natural language processing is an important issue due to their capabilities and wide adoption. One way to understand and improve robustness of these models is an exploration of an adversarial…

Suffix-based jailbreak attacks append an adversarial suffix, i.e., a short token sequence, to steer aligned LLMs into unsafe outputs. Since suffixes are free-form text, they admit endlessly many surface forms, making jailbreak mitigation…

Cryptography and Security · Computer Science 2026-02-09 Mengyao Du , Han Fang , Haokai Ma , Gang Yang , Quanjun Yin , Shouling Ji , Ee-Chien Chang

Large Language Models (LLMs) have been extensively used across diverse domains, including virtual assistants, automated code generation, and scientific research. However, they remain vulnerable to jailbreak attacks, which manipulate the…

Cryptography and Security · Computer Science 2026-01-05 Haoran Gu , Handing Wang , Yi Mei , Mengjie Zhang , Yaochu Jin

Recent studies have shown that deep reinforcement learning (DRL) policies are vulnerable to adversarial attacks, which raise concerns about applications of DRL to safety-critical systems. In this work, we adopt a principled way and study…

Machine Learning · Computer Science 2022-05-17 Chao Wang

We present MultiBreak, a scalable and diverse multi-turn jailbreak benchmark to evaluate large language model (LLM) safety. Multi-turn jailbreaks mimic natural conversational settings, making them easier to bypass safety-aligned LLM than…

Computation and Language · Computer Science 2026-05-05 Jialin Song , Xiaodong Liu , Weiwei Yang , Wuyang Chen , Mingqian Feng , Xuekai Zhu , Jianfeng Gao

Extensive research demonstrates that Deep Reinforcement Learning (DRL) models are susceptible to adversarially constructed inputs (i.e., adversarial examples), which can mislead the agent to take suboptimal or unsafe actions. Recent methods…

Machine Learning · Computer Science 2026-02-24 Shenghong He

Large language models (LLMs) have exhibited outstanding performance in natural language processing tasks. However, these models remain susceptible to adversarial attacks in which slight input perturbations can lead to harmful or misleading…

Computer Vision and Pattern Recognition · Computer Science 2024-12-19 Minkyoung Kim , Yunha Kim , Hyeram Seo , Heejung Choi , Jiye Han , Gaeun Kee , Soyoung Ko , HyoJe Jung , Byeolhee Kim , Young-Hak Kim , Sanghyun Park , Tae Joon Jun

Large Reasoning Models (LRMs) have demonstrated remarkable capabilities in solving complex problems by generating structured, step-by-step reasoning content. However, exposing a model's internal reasoning process introduces additional…

Artificial Intelligence · Computer Science 2026-05-20 Zheng Lin , Zhenxing Niu , Haoxuan Ji , Yuzhe Huang , Haichang Gao

In the past few years, Language Models (LMs) have shown par-human capabilities in several domains. Despite their practical applications and exceeding user consumption, they are susceptible to jailbreaks when malicious input exploits the…

Computation and Language · Computer Science 2025-04-18 Charlotte Siska , Anush Sankaran

Large Language Models (LLMs) remain vulnerable to jailbreaking attacks where adversarial prompts elicit harmful outputs. Yet most evaluations focus on single-turn interactions while real-world attacks unfold through adaptive multi-turn…

Computation and Language · Computer Science 2025-12-23 Aashray Reddy , Andrew Zagula , Nicholas Saban

Current evaluations of defenses against prompt attacks in large language model (LLM) applications often overlook two critical factors: the dynamic nature of adversarial behavior and the usability penalties imposed on legitimate users by…

Jailbreaking is an emerging adversarial attack that bypasses the safety alignment deployed in off-the-shelf large language models (LLMs) and has evolved into multiple categories: human-based, optimization-based, generation-based, and the…

Cryptography and Security · Computer Science 2025-02-06 Xunguang Wang , Daoyuan Wu , Zhenlan Ji , Zongjie Li , Pingchuan Ma , Shuai Wang , Yingjiu Li , Yang Liu , Ning Liu , Juergen Rahmel