English
Related papers

Related papers: Jailbreak Scaling Laws for Large Language Models: …

200 papers

Large Language Models (LLMs) remain susceptible to jailbreak exploits that bypass safety filters and induce harmful or unethical behavior. This work presents a systematic taxonomy of existing jailbreak defenses across prompt-level,…

Cryptography and Security · Computer Science 2025-11-25 Ryan Wong , Hosea David Yu Fei Ng , Dhananjai Sharma , Glenn Jun Jie Ng , Kavishvaran Srinivasan

Large language model (LLM) safety is a critical issue, with numerous studies employing red team testing to enhance model security. Among these, jailbreak methods explore potential vulnerabilities by crafting malicious prompts that induce…

Computation and Language · Computer Science 2025-03-07 Honglin Mu , Han He , Yuxin Zhou , Yunlong Feng , Yang Xu , Libo Qin , Xiaoming Shi , Zeming Liu , Xudong Han , Qi Shi , Qingfu Zhu , Wanxiang Che

Safety prompts constitute an interpretable layer of defense against jailbreak attacks in vision-language models (VLMs); however, their efficacy is constrained by the models' latent structural responsiveness. We observe that such prompts…

Computer Vision and Pattern Recognition · Computer Science 2026-03-17 Chongxin Li , Hanzhang Wang , Lian Duan

Iterative jailbreak methods that repeatedly rewrite and input prompts into large language models (LLMs) to induce harmful outputs -- using the model's previous responses to guide each new iteration -- have been found to be a highly…

Computation and Language · Computer Science 2025-10-21 Masahiro Kaneko , Zeerak Talat , Timothy Baldwin

Large Language Models (LLMs) have demonstrated impressive capabilities in natural language tasks, but their safety and morality remain contentious due to their training on internet text corpora. To address these concerns, alignment…

Computation and Language · Computer Science 2024-08-06 Mohammad Bahrami Karkevandi , Nishant Vishwamitra , Peyman Najafirad

Gradient-based adversarial prompting, such as the Greedy Coordinate Gradient (GCG) algorithm, has emerged as a powerful method for jailbreaking large language models (LLMs). In this paper, we present a systematic appraisal of GCG and its…

Computation and Language · Computer Science 2025-09-03 Yuting Tan , Xuying Li , Zhuo Li , Huizhen Shu , Peikang Hu

To circumvent the alignment of large language models (LLMs), current optimization-based adversarial attacks usually craft adversarial prompts by maximizing the likelihood of a so-called affirmative response. An affirmative response is a…

Jailbreaking -- bypassing built-in safety mechanisms in AI models -- has traditionally required complex technical procedures or specialized human expertise. In this study, we show that the persuasive capabilities of large reasoning models…

Computation and Language · Computer Science 2026-02-10 Thilo Hagendorff , Erik Derner , Nuria Oliver

In this study, we disclose a worrying new vulnerability in Large Language Models (LLMs), which we term \textbf{involuntary jailbreak}. Unlike existing jailbreak attacks, this weakness is distinct in that it does not involve a specific…

Cryptography and Security · Computer Science 2025-12-30 Yangyang Guo , Yangyan Li , Mohan Kankanhalli

The deployment of large language models (LLMs) has raised security concerns due to their susceptibility to producing harmful or policy-violating outputs when exposed to adversarial prompts. While alignment and guardrails mitigate common…

Computation and Language · Computer Science 2026-01-23 Rishit Chugh

Speech Language Models (SLMs) enable natural interactions via spoken instructions, which more effectively capture user intent by detecting nuances in speech. The richer speech signal introduces new security risks compared to text-based…

Audio and Speech Processing · Electrical Eng. & Systems 2025-10-17 Amirbek Djanibekov , Nurdaulet Mukhituly , Kentaro Inui , Hanan Aldarmaki , Nils Lukas

Although large language models (LLMs) are typically aligned, they remain vulnerable to jailbreaking through either carefully crafted prompts in natural language or, interestingly, gibberish adversarial suffixes. However, gibberish tokens…

Computation and Language · Computer Science 2024-10-30 Vishal Kumar , Zeyi Liao , Jaylen Jones , Huan Sun

Large language models (LLMs) are susceptible to a type of attack known as jailbreaking, which misleads LLMs to output harmful contents. Although there are diverse jailbreak attack strategies, there is no unified understanding on why some…

Computation and Language · Computer Science 2024-12-04 Yuping Lin , Pengfei He , Han Xu , Yue Xing , Makoto Yamada , Hui Liu , Jiliang Tang

In the past few years, Language Models (LMs) have shown par-human capabilities in several domains. Despite their practical applications and exceeding user consumption, they are susceptible to jailbreaks when malicious input exploits the…

Computation and Language · Computer Science 2025-04-18 Charlotte Siska , Anush Sankaran

Large Language Models (LLMs) are known to be susceptible to crafted adversarial attacks or jailbreaks that lead to the generation of objectionable content despite being aligned to human preferences using safety fine-tuning methods. While…

Computation and Language · Computer Science 2025-03-26 Sravanti Addepalli , Yerram Varun , Arun Suggala , Karthikeyan Shanmugam , Prateek Jain

Recent work has shown it is possible to construct adversarial examples that cause an aligned language model to emit harmful strings or perform harmful behavior. Existing attacks work either in the white-box setting (with full access to the…

Computation and Language · Computer Science 2024-12-10 Jonathan Hayase , Ema Borevkovic , Nicholas Carlini , Florian Tramèr , Milad Nasr

Despite significant advancements in alignment and content moderation, large language models (LLMs) and text-to-image (T2I) systems remain vulnerable to prompt-based attacks known as jailbreaks. Unlike traditional adversarial examples…

Computer Vision and Pattern Recognition · Computer Science 2025-07-30 Ahmed B Mustafa , Zihan Ye , Yang Lu , Michael P Pound , Shreyank N Gowda

The proliferation of Large Language Models (LLMs) has introduced critical security challenges, where adversarial actors can manipulate input prompts to cause significant harm and circumvent safety alignments. These prompt-based attacks…

We present evidence that adversarial poetry functions as a universal single-turn jailbreak technique for Large Language Models (LLMs). Across 25 frontier proprietary and open-weight models, curated poetic prompts yielded high attack-success…

Large language models (LLMs) have gained widespread adoption across diverse applications due to their impressive generative capabilities. Their plug-and-play nature enables both developers and end users to interact with these models through…

Cryptography and Security · Computer Science 2025-10-21 Zongze Li , Jiawei Guo , Haipeng Cai