English
Related papers

Related papers: Peak + Accumulation: A Proxy-Level Scoring Formula…

200 papers

LLM safety evaluations predominantly test models in isolation, yet deployed AI agents increasingly operate within persistent social environments alongside other agents. We introduce a Moltbook-style simulation platform where thousands of…

Artificial Intelligence · Computer Science 2026-05-28 Aman Priyanshu , Supriti Vijay , Esha Pahwa

Despite recent rapid progress in AI safety, current large language models remain vulnerable to adversarial attacks in multi-turn interaction settings, where attackers strategically adapt their prompts across conversation turns and pose a…

Machine Learning · Computer Science 2026-03-10 Ruohao Guo , Afshin Oroojlooy , Roshan Sridhar , Miguel Ballesteros , Alan Ritter , Dan Roth

In the realm of black-box jailbreak attacks on large language models (LLMs), the feasibility of constructing a narrow safety proxy, a lightweight model designed to predict the attack success rate (ASR) of adversarial prompts, remains…

Cryptography and Security · Computer Science 2025-12-01 Tianyu Zhang , Zihang Xi , Jingyu Hua , Sheng Zhong

Large language models (LLMs) are becoming a popular tool as they have significantly advanced in their capability to tackle a wide range of language-based tasks. However, LLMs applications are highly vulnerable to prompt injection attacks,…

Computation and Language · Computer Science 2024-11-11 Md Abdur Rahman , Fan Wu , Alfredo Cuzzocrea , Sheikh Iqbal Ahamed

We introduce Tempest, a multi-turn adversarial framework that models the gradual erosion of Large Language Model (LLM) safety through a tree search perspective. Unlike single-turn jailbreaks that rely on one meticulously engineered prompt,…

Artificial Intelligence · Computer Science 2025-05-29 Andy Zhou , Ron Arel

Jailbreak attacks represent one of the most sophisticated threats to the security of large language models (LLMs). To deal with such risks, we introduce an innovative framework that can help evaluate the effectiveness of jailbreak attacks…

Computation and Language · Computer Science 2025-03-19 Dong Shu , Chong Zhang , Mingyu Jin , Zihao Zhou , Lingyao Li , Yongfeng Zhang

With the proliferation of LLM-integrated applications such as GPT-s, millions are deployed, offering valuable services through proprietary instruction prompts. These systems, however, are prone to prompt extraction attacks through…

Cryptography and Security · Computer Science 2024-10-29 Junlin Wang , Tianyi Yang , Roy Xie , Bhuwan Dhingra

Language Model Models (LLMs) have improved dramatically in the past few years, increasing their adoption and the scope of their capabilities over time. A significant amount of work is dedicated to ``model alignment'', i.e., preventing LLMs…

Computation and Language · Computer Science 2025-04-07 Abhishek Singhania , Christophe Dupuy , Shivam Mangale , Amani Namboori

Recent advances in large language models (LLMs) have led to their extensive global deployment, and ensuring their safety calls for comprehensive and multilingual toxicity evaluations. However, existing toxicity benchmarks are overwhelmingly…

Computation and Language · Computer Science 2024-08-13 Devansh Jain , Priyanshu Kumar , Samuel Gehman , Xuhui Zhou , Thomas Hartvigsen , Maarten Sap

Large language models (LLMs) are increasingly relied upon for complex multi-turn conversations across diverse real-world applications. However, existing benchmarks predominantly focus on single-turn evaluations, overlooking the models'…

Computation and Language · Computer Science 2024-01-31 Wai-Chung Kwan , Xingshan Zeng , Yuxin Jiang , Yufei Wang , Liangyou Li , Lifeng Shang , Xin Jiang , Qun Liu , Kam-Fai Wong

Large Language Models (LLMs) often exhibit significant behavioral shifts when they perceive a change from a real-world deployment context to a controlled evaluation setting, a phenomenon known as "evaluation awareness." This discrepancy…

Computation and Language · Computer Science 2025-12-05 Lang Xiong , Nishant Bhargava , Jianhang Hong , Jeremy Chang , Haihao Liu , Vasu Sharma , Kevin Zhu

As AI agents become integral to enterprise workflows, their reliance on shared tool libraries and pre-trained components creates significant supply chain vulnerabilities. While previous work has demonstrated behavioral backdoor detection…

Cryptography and Security · Computer Science 2025-11-26 Arun Chowdary Sanna

Large Language Model (LLM)-powered agents demonstrate strong capabilities in autonomous task execution, tool use, and multi-step reasoning. However, their increasing autonomy also introduces a new attack surface: adversarial interactions…

Artificial Intelligence · Computer Science 2026-05-05 Sheldon Yu , Yingcheng Sun , Hanqing Guo , Julian McAuley , Qianqian Tong

Large language models (LLMs) are widely used in real-world applications, raising concerns about their safety and trustworthiness. While red-teaming with jailbreak prompts exposes the vulnerabilities of LLMs, current efforts focus primarily…

Computation and Language · Computer Science 2025-11-14 Yi Zhao , Youzhi Zhang

Current open-source prompt-injection detectors converge on two architectural choices: regular-expression pattern matching and fine-tuned transformer classifiers. Both share failure modes that recent work has made concrete. Regular…

Cryptography and Security · Computer Science 2026-05-19 Thamilvendhan Munirathinam

Multi-tenant LLM serving frameworks widely adopt shared Key-Value caches to enhance efficiency. However, this creates side-channel vulnerabilities enabling prompt leakage attacks. Prior studies identified these attack surfaces yet focused…

Cryptography and Security · Computer Science 2026-02-25 Longxiang Wang , Xiang Zheng , Xuhao Zhang , Yao Zhang , Ye Wu , Cong Wang

The prompt-based learning paradigm, which bridges the gap between pre-training and fine-tuning, achieves state-of-the-art performance on several NLP tasks, particularly in few-shot settings. Despite being widely applied, prompt-based…

Computation and Language · Computer Science 2024-02-05 Shuai Zhao , Jinming Wen , Luu Anh Tuan , Junbo Zhao , Jie Fu

Instruction fine-tuning attacks pose a serious threat to large language models (LLMs) by subtly embedding poisoned examples in fine-tuning datasets, leading to harmful or unintended behaviors in downstream applications. Detecting such…

Machine Learning · Computer Science 2026-02-02 Jiawei Li

Safety defenses for large language models (LLMs) are typically trained and evaluated on single-turn prompts, yet real attacks often unfold as indirect, multi-turn probing. To defend against this more nuanced form of deception, we present a…

Machine Learning · Statistics 2026-05-28 Surender Suresh Kumar , Mary L. Cummings

Batch prompting, which combines a batch of multiple queries sharing the same context in one inference, has emerged as a promising solution to reduce inference costs. However, our study reveals a significant security vulnerability in batch…

Cryptography and Security · Computer Science 2025-06-23 Murong Yue , Ziyu Yao