English
Related papers

Related papers: Peak + Accumulation: A Proxy-Level Scoring Formula…

200 papers

Multi-turn prompt injection follows a known attack path -- trust-building, pivoting, escalation but text-level defenses miss covert attacks where individual turns appear benign. We show this attack path leaves an activation-level signature…

Cryptography and Security · Computer Science 2026-05-01 Prashant Kulkarni

We present MultiBreak, a scalable and diverse multi-turn jailbreak benchmark to evaluate large language model (LLM) safety. Multi-turn jailbreaks mimic natural conversational settings, making them easier to bypass safety-aligned LLM than…

Computation and Language · Computer Science 2026-05-05 Jialin Song , Xiaodong Liu , Weiwei Yang , Wuyang Chen , Mingqian Feng , Xuekai Zhu , Jianfeng Gao

Turn-level metrics are widely used to evaluate properties of multi-turn human-LLM conversations, from safety and sycophancy to dialogue quality. However, consecutive turns within a conversation are not statistically independent -- a fact…

Computation and Language · Computer Science 2026-04-17 Ferdinand M. Schessl

This paper introduces FRACTURED-SORRY-Bench, a framework for evaluating the safety of Large Language Models (LLMs) against multi-turn conversational attacks. Building upon the SORRY-Bench dataset, we propose a simple yet effective method…

Computation and Language · Computer Science 2024-11-08 Aman Priyanshu , Supriti Vijay

Large Language Model (LLM) agents are powering a growing share of interactive web applications, yet remain vulnerable to misuse and harm. Prior jailbreak research has largely focused on single-turn prompts, whereas real harassment often…

Artificial Intelligence · Computer Science 2025-10-22 Trilok Padhi , Pinxian Lu , Abdulkadir Erol , Tanmay Sutar , Gauri Sharma , Mina Sonmez , Munmun De Choudhury , Ugur Kursuncu

Static benchmarks fail to capture LLM vulnerabilities emerging through community experimentation in online forums. We present PrompTrend, a system that collects vulnerability data across platforms and evaluates them using multidimensional…

Cryptography and Security · Computer Science 2025-07-28 Tarek Gasmi , Ramzi Guesmi , Mootez Aloui , Jihene Bennaceur

Multi-turn jailbreaks exploit the ability of large language models to accumulate and act on conversational context. Instead of stating a harmful request directly, an attacker can gradually steer the conversation toward an unsafe answer.…

Cryptography and Security · Computer Science 2026-05-13 Xinkai Zhang , Zhipeng Wei , Huanli Gong , Jing Ting Zheng , Yuchen Zhang , Yue Dong , N. Benjamin Erichson

Retrieval-augmented LLMs are deployed for tasks where evidence quality determines action safety, yet evaluation protocols assume that single-turn robustness predicts robustness when evidence accumulates across turns. We show this assumption…

Artificial Intelligence · Computer Science 2026-05-27 Zhe Yu , Wenpeng Xing , Chen Ye , Xuyang Teng , Bo Yang , Changting Lin , Meng Han

Large Language Models face security threats from jailbreak attacks. Existing research has predominantly focused on prompt-level attacks while largely ignoring the underexplored attack surface of user-controlled response prefilling. This…

Cryptography and Security · Computer Science 2025-08-27 Yakai Li , Jiekang Hu , Weiduan Sang , Luping Ma , Dongsheng Nie , Weijuan Zhang , Aimin Yu , Yi Su , Qingjia Huang , Qihang Zhou

Prompt leakage poses a compelling security and privacy threat in LLM applications. Leakage of system prompts may compromise intellectual property, and act as adversarial reconnaissance for an attacker. A systematic evaluation of prompt…

Cryptography and Security · Computer Science 2024-07-30 Divyansh Agarwal , Alexander R. Fabbri , Ben Risher , Philippe Laban , Shafiq Joty , Chien-Sheng Wu

People increasingly use LLM agents for multi-turn financial recommendations, where the agent pulls market data through tools and tracks user preferences across turns. When tool outputs are manipulated, the recommendations stop matching the…

Computation and Language · Computer Science 2026-05-27 Zekun Wu , Adriano Koshiyama , Sahan Bulathwela , Maria Perez-Ortiz

Large language models are increasingly used for vulnerability detection, yet their reliability under different prompt formulations remains uncharacterized. We present PromptAudit, a controlled evaluation framework that isolates prompt…

Machine Learning · Computer Science 2026-05-26 Steffen J. Camarato , Yahya Hmaiti , Mandana Ghadamian , David Mohaisen

Detecting cyberbullying on social media remains a critical challenge due to its subtle and varied expressions. This study investigates whether integrating aggression detection as an auxiliary task within a unified training framework can…

Computation and Language · Computer Science 2025-08-25 Aisha Saeid , Anu Sabu , Girish A. Koushik , Ferrante Neri , Diptesh Kanojia

Multi-turn interaction length is a dominant factor in the operational costs of conversational LLMs. In this work, we present a new failure mode in conversational LLMs: turn amplification, in which a model consistently prolongs multi-turn…

Machine Learning · Computer Science 2026-02-23 Zachary Coalson , Bo Fang , Sanghyun Hong

Large language models have seen widespread adoption, yet they remain vulnerable to multi-turn jailbreak attacks, threatening their safe deployment. This has led to the task of training automated multi-turn attackers to probe model safety…

Artificial Intelligence · Computer Science 2026-04-22 Xiqiao Xiong , Ouxiang Li , Zhuo Liu , Moxin Li , Wentao Shi , Fengbin Zhu , Qifan Wang , Fuli Feng

Advanced Persistent Threats (APTs) are prolonged, stealthy intrusions by skilled adversaries that compromise high-value systems to steal data or disrupt operations. Reconstructing complete attack chains from massive, heterogeneous logs is…

Cryptography and Security · Computer Science 2025-09-03 Rujie Dai , Peizhuo Lv , Yujiang Gui , Qiujian Lv , Yuanyuan Qiao , Yan Wang , Degang Sun , Weiqing Huang , Yingjiu Li , XiaoFeng Wang

Recent advancements in large language models (LLMs) have highlighted the potential for vulnerability detection, a crucial component of software quality assurance. Despite this progress, most studies have been limited to the perspective of a…

Software Engineering · Computer Science 2024-05-21 Zhenyu Mao , Jialong Li , Dongming Jin , Munan Li , Kenji Tei

The growing deployment of large language model (LLM) based agents that interact with external environments has created new attack surfaces for adversarial manipulation. One major threat is indirect prompt injection, where attackers embed…

Computation and Language · Computer Science 2026-04-14 Hwan Chang , Yonghyun Jun , Hwanhee Lee

While defenses against single-turn jailbreak attacks on Large Language Models (LLMs) have improved significantly, multi-turn jailbreaks remain a persistent vulnerability, often achieving success rates exceeding 70% against models optimized…

Machine Learning · Computer Science 2025-08-12 Xiaoxue Yang , Jaeha Lee , Anna-Katharina Dick , Jasper Timm , Fei Xie , Diogo Cruz

Multi-turn jailbreak attacks simulate real-world human interactions by engaging large language models (LLMs) in iterative dialogues, exposing critical safety vulnerabilities. However, existing methods often struggle to balance semantic…

Computation and Language · Computer Science 2025-03-12 Zonghao Ying , Deyue Zhang , Zonglei Jing , Yisong Xiao , Quanchen Zou , Aishan Liu , Siyuan Liang , Xiangzheng Zhang , Xianglong Liu , Dacheng Tao
‹ Prev 1 2 3 10 Next ›