English
Related papers

Related papers: When Benchmarks Lie: Evaluating Malicious Prompt C…

200 papers

Large Language Models (LLMs) are seeing significant adoption in every type of organization due to their exceptional generative capabilities. However, LLMs are found to be vulnerable to various adversarial attacks, particularly prompt…

Cryptography and Security · Computer Science 2024-10-30 Md. Ahsan Ayub , Subhabrata Majumdar

Attack Success Rate (ASR) evaluates each jailbreak with a single yes/no label at the end of generation, telling us whether a failure happened but not how it unfolded. Two attacks that produce equally harmful outputs may have followed…

Artificial Intelligence · Computer Science 2026-05-29 Junyoung Park , Sunghwan Park , Seongyong Ju , Jaewoo Lee

Large Language Models (LLMs) are increasingly vulnerable to a sophisticated form of adversarial prompting known as camouflaged jailbreaking. This method embeds malicious intent within seemingly benign language to evade existing safety…

Cryptography and Security · Computer Science 2025-09-09 Youjia Zheng , Mohammad Zandsalimy , Shanu Sushmita

Current open-source prompt-injection detectors converge on two architectural choices: regular-expression pattern matching and fine-tuned transformer classifiers. Both share failure modes that recent work has made concrete. Regular…

Cryptography and Security · Computer Science 2026-05-19 Thamilvendhan Munirathinam

Since autonomous coding agents generate complex behaviors at high-volume, we may want to use other LLMs to monitor actions to reduce the risk from dangerous misaligned behavior. To better understand the limitations of such monitors against…

Cryptography and Security · Computer Science 2026-05-20 Elle Najt , Colin Toft , Tyler Tracy , Fabien Roger , Joe Benton

AI agents are vulnerable to indirect prompt injection attacks, where malicious instructions embedded in external content or tool outputs cause unintended or harmful behavior. Inspired by the well-established concept of firewalls, we show…

Cryptography and Security · Computer Science 2026-03-24 Rishika Bhagwatkar , Kevin Kasa , Abhay Puri , Gabriel Huang , Irina Rish , Graham W. Taylor , Krishnamurthy Dj Dvijotham , Alexandre Lacoste

Large Language Model (LLM) alignment remains vulnerable to jailbreak attacks that elicit unsafe responses, motivating pre-model and post-model guards. Pre-model guards audit the safety of prompts before invoking target models. However,…

Cryptography and Security · Computer Science 2026-05-20 Hongyu Cai , Arjun Arunasalam , Yiming Liang , Antonio Bianchi , Z. Berkay Celik

The systems and software powered by Large Language Models (LLMs) and Multi-Modal LLMs (MLLMs) have played a critical role in numerous scenarios. However, current LLM systems are vulnerable to prompt-based attacks, with jailbreaking attacks…

Cryptography and Security · Computer Science 2025-03-18 Xiaoyu Zhang , Cen Zhang , Tianlin Li , Yihao Huang , Xiaojun Jia , Ming Hu , Jie Zhang , Yang Liu , Shiqing Ma , Chao Shen

The study of large language models (LLMs) is a key area in open-world machine learning. Although LLMs demonstrate remarkable natural language processing capabilities, they also face several challenges, including consistency issues,…

Jailbreaking is an emerging adversarial attack that bypasses the safety alignment deployed in off-the-shelf large language models (LLMs). A considerable amount of research exists proposing more effective jailbreak attacks, including the…

Cryptography and Security · Computer Science 2024-03-05 Daoyuan Wu , Shuai Wang , Yang Liu , Ning Liu

Uncovering the mechanisms behind "jailbreaks" in large language models (LLMs) is crucial for enhancing their safety and reliability, yet these mechanisms remain poorly understood. Existing studies predominantly analyze jailbreak prompts by…

Machine Learning · Computer Science 2026-02-06 Licheng Pan , Yunsheng Lu , Jiexi Liu , Jialing Tao , Haozhe Feng , Hui Xue , Zhixuan Chu , Kui Ren

Safety mechanisms for large language models (LLMs) remain predominantly English-centric, creating systematic vulnerabilities in multilingual deployment. Prior work shows that translating malicious prompts into other languages can…

Computation and Language · Computer Science 2026-04-29 Shirin Alanova , Bogdan Minko , Sabrina Sadiekh , Evgeniy Kokuykin

Many safety and alignment failures of large language models (LLMs) occur due to out-of-distribution (OOD) situations: unusual prompt or response patterns that are unforeseen by model developers. We systematically study whether LLM…

Artificial Intelligence · Computer Science 2026-05-26 Dylan Feng , Pragya Srivastava , Anca Dragan , Cassidy Laidlaw

Ensuring the reliability of machine learning-based intrusion detection systems remains a critical challenge in Internet of Things (IoT) environments, particularly as data poisoning attacks increasingly threaten the integrity of model…

Large Language Models (LLMs) are powerful tools for answering user queries, yet they remain highly vulnerable to jailbreak attacks. Existing guardrail methods typically rely on internal features or textual responses to detect malicious…

Cryptography and Security · Computer Science 2026-05-29 Zikai Zhang , Rui Hu , Olivera Kotevska , Jiahao Xu

Large language models (LLMs) are susceptible to a type of attack known as jailbreaking, which misleads LLMs to output harmful contents. Although there are diverse jailbreak attack strategies, there is no unified understanding on why some…

Computation and Language · Computer Science 2024-12-04 Yuping Lin , Pengfei He , Han Xu , Yue Xing , Makoto Yamada , Hui Liu , Jiliang Tang

Alignment in large language models (LLMs) is used to enforce guidelines such as safety. Yet, alignment fails in the face of jailbreak attacks that modify inputs to induce unsafe outputs. In this paper, we introduce and evaluate a new…

Cryptography and Security · Computer Science 2026-02-19 Jean-Charles Noirot Ferrand , Yohan Beugin , Eric Pauley , Ryan Sheatsley , Patrick McDaniel

LLM-integrated applications are vulnerable to prompt injection attacks, where an attacker contaminates the input to inject malicious instructions, causing the LLM to follow the attacker's intent instead of the original user's. Existing…

Cryptography and Security · Computer Science 2026-01-27 Wei Zou , Yupei Liu , Yanting Wang , Ying Chen , Neil Gong , Jinyuan Jia

The safety alignment of Large Language Models (LLMs) is vulnerable to both manual and automated jailbreak attacks, which adversarially trigger LLMs to output harmful content. However, current methods for jailbreaking LLMs, which nest entire…

Cryptography and Security · Computer Science 2024-11-13 Xirui Li , Ruochen Wang , Minhao Cheng , Tianyi Zhou , Cho-Jui Hsieh

As large language models (LLMs) evolve from static chatbots into autonomous agents, the primary vulnerability surface shifts from final outputs to intermediate execution traces. While safety guardrails are well-benchmarked for natural…

Cryptography and Security · Computer Science 2026-04-09 Yen-Shan Chen , Sian-Yao Huang , Cheng-Lin Yang , Yun-Nung Chen