English
Related papers

Related papers: Sparse Autoencoders are Capable LLM Jailbreak Miti…

200 papers

Large language models (LLMs) can still be jailbroken into producing harmful outputs despite safety alignment. Existing attacks show this vulnerability, but not the internal mechanisms that cause it. This study asks whether jailbreak success…

Computation and Language · Computer Science 2026-04-28 Nilanjana Das , Manas Gaur

Large Language Models (LLMs) have demonstrated remarkable capabilities across various tasks, yet they remain vulnerable to adversarial manipulations such as jailbreaking via prompt injection attacks. These attacks bypass safety mechanisms…

Machine Learning · Computer Science 2025-07-08 Xin Wei Chia , Swee Liang Wong , Jonathan Pan

Large Language Models (LLMs) have shown remarkable success in various tasks, yet their safety and the risk of generating harmful content remain pressing concerns. In this paper, we delve into the potential of In-Context Learning (ICL) to…

Machine Learning · Computer Science 2024-05-28 Zeming Wei , Yifei Wang , Ang Li , Yichuan Mo , Yisen Wang

Reward models (RMs) are critical components of alignment pipelines, yet they exhibit biases toward superficial stylistic cues, preferring better-presented responses over semantically superior ones. Existing debiasing methods typically…

Computation and Language · Computer Science 2026-03-16 Mengyuan Sun , Zhuohao Yu , Weizheng Gu , Shikun Zhang , Wei Ye

Sparse autoencoders (SAEs) are a popular method for interpreting concepts represented in large language model (LLM) activations. However, there is a lack of evidence regarding the validity of their interpretations due to the lack of a…

Machine Learning · Computer Science 2025-02-25 Subhash Kantamneni , Joshua Engels , Senthooran Rajamanoharan , Max Tegmark , Neel Nanda

Sparse autoencoders (SAEs) have recently become central tools for interpretability, leveraging dictionary learning principles to extract sparse, interpretable features from neural representations whose underlying structure is typically…

Machine Learning · Computer Science 2025-11-05 Valérie Costa , Thomas Fel , Ekdeep Singh Lubana , Bahareh Tolooshams , Demba Ba

Preference learning in large language models relies on reward models as proxies for human judgment. However, these models frequently exhibit preference instability, producing contradictory preference assignments in response to subtle,…

Machine Learning · Computer Science 2026-05-19 Shunchang Liu , Xin Chen , Belen Martin Urcelay , Francesco Croce

Analyzing large-scale text corpora is a core challenge in machine learning, crucial for tasks like identifying undesirable model behaviors or biases in training data. Current methods often rely on costly LLM-based techniques (e.g.…

Artificial Intelligence · Computer Science 2025-12-12 Nick Jiang , Xiaoqing Sun , Lisa Dunlap , Lewis Smith , Neel Nanda

Large language models (LLMs) remain vulnerable to jailbreak attacks that bypass safety alignment and elicit harmful responses. A growing body of work shows that contextual priming, where earlier turns covertly bias later replies,…

Computation and Language · Computer Science 2026-05-05 Mario Rodríguez Béjar , Francisco J. Cortés-Delgado , S. Braghin , Jose L. Hernández-Ramos

Despite extensive pre-training in moral alignment to prevent generating harmful information, large language models (LLMs) remain vulnerable to jailbreak attacks. In this paper, we propose AutoDefense, a multi-agent defense framework that…

Machine Learning · Computer Science 2024-11-15 Yifan Zeng , Yiran Wu , Xiao Zhang , Huazheng Wang , Qingyun Wu

Despite extensive efforts in safety alignment, large language models (LLMs) remain vulnerable to jailbreak attacks. Activation steering offers a training-free defense method but relies on fixed steering coefficients, resulting in suboptimal…

Cryptography and Security · Computer Science 2025-09-22 Weixiang Zhao , Jiahe Guo , Yulin Hu , Yang Deng , An Zhang , Xingyu Sui , Xinyang Han , Yanyan Zhao , Bing Qin , Tat-Seng Chua , Ting Liu

Large language models (LLMs) are increasingly trained in complex Reinforcement Learning, multi-agent environments, making it difficult to understand how behavior changes over training. Sparse Autoencoders (SAEs) have recently shown to be…

Machine Learning · Computer Science 2026-02-09 John Yan , Michael Yu , Yuqi Sun , Alexander Duffy , Tyler Marques , Matthew Lyle Olson

Large Language Models (LLMs) remain vulnerable to adaptive jailbreaks that easily bypass empirical defenses like GCG. We propose a framework for certifiable robustness that shifts safety guarantees from single-pass inference to the…

Computation and Language · Computer Science 2026-02-03 Zehua Cheng , Jianwei Yang , Wei Dai , Jiahao Sun

Modern text classification methods heavily rely on contextual embeddings from large language models (LLMs). Compared to human-engineered features, these embeddings provide automatic and effective representations for classification model…

Computation and Language · Computer Science 2025-07-29 Xuansheng Wu , Wenhao Yu , Xiaoming Zhai , Ninghao Liu

Large Language Models (LLMs) are known to be vulnerable to jailbreaking attacks, wherein adversaries exploit carefully engineered prompts to induce harmful or unethical responses. Such threats have raised critical concerns about the safety…

Cryptography and Security · Computer Science 2025-05-22 Taiye Chen , Zeming Wei , Ang Li , Yisen Wang

Large language models (LLMs) are shown to be vulnerable to jailbreaking attacks where adversarial prompts are designed to elicit harmful responses. While existing defenses effectively mitigate single-turn attacks by detecting and filtering…

Computation and Language · Computer Science 2026-02-17 Hanjiang Hu , Alexander Robey , Changliu Liu

While Large Language Models (LLMs) have shown significant advancements in performance, various jailbreak attacks have posed growing safety and ethical risks. Malicious users often exploit adversarial context to deceive LLMs, prompting them…

Cryptography and Security · Computer Science 2025-08-15 Jinhwa Kim , Ian G. Harris

Software vulnerabilities such as buffer overflows and SQL injections are a major source of security breaches. Traditional methods for vulnerability detection remain essential but are limited by high false positive rates, scalability issues,…

Software Engineering · Computer Science 2026-04-10 Rui Melo , Claudia Mamede , Andre Catarino , Rui Abreu , Henrique Lopes Cardoso

Vision-Language Models (VLMs) exhibit impressive performance, yet the integration of powerful vision encoders has significantly broadened their attack surface, rendering them increasingly susceptible to jailbreak attacks. However, lacking…

Computer Vision and Pattern Recognition · Computer Science 2026-02-26 Jiaxin Song , Yixu Wang , Jie Li , Rui Yu , Yan Teng , Xingjun Ma , Yingchun Wang

We introduce \emph{self-jailbreaking}, a threat model in which an aligned LLM guides its own compromise. Unlike most jailbreak techniques, which often rely on handcrafted prompts or separate attacker models, self-jailbreaking requires no…

Computation and Language · Computer Science 2026-04-10 Devang Kulshreshtha , Hang Su , Haibo Jin , Chinmay Hegde , Haohan Wang