English
Related papers

Related papers: Attention Is Where You Attack

200 papers

Current safety alignment for large language models(LLMs) continues to present vulnerabilities, given that adversarial prompting can effectively bypass their safety measures.Our investigation shows that these safety mechanisms predominantly…

Cryptography and Security · Computer Science 2025-08-28 Chao Huang , Zefeng Zhang , Juewei Yue , Quangang Li , Chuang Zhang , Tingwen Liu

Jailbreak attack can be used to access the vulnerabilities of Large Language Models (LLMs) by inducing LLMs to generate the harmful content. And the most common method of the attack is to construct semantically ambiguous prompts to confuse…

Cryptography and Security · Computer Science 2025-07-09 Rui Pu , Chaozhuo Li , Rui Ha , Zejian Chen , Litian Zhang , Zheng Liu , Lirong Qiu , Zaisheng Ye

Currently, open-sourced large language models (OSLLMs) have demonstrated remarkable generative performance. However, as their structure and weights are made public, they are exposed to jailbreak attacks even after alignment. Existing…

Cryptography and Security · Computer Science 2026-03-16 Jinman Wu , Yi Xie , Shiqian Zhao , Xiaofeng Chen

Large Vision-Language Models (LVLMs) rely on attention-based retrieval of safety instructions to maintain alignment during generation. Existing attacks typically optimize image perturbations to maximize harmful output likelihood, but suffer…

Computer Vision and Pattern Recognition · Computer Science 2026-04-14 Jingru Li , Wei Ren , Tianqing Zhu

Recent research has shown that carefully crafted jailbreak inputs can induce large language models to produce harmful outputs, despite safety measures such as alignment. It is important to anticipate the range of potential Jailbreak attacks…

Cryptography and Security · Computer Science 2025-02-24 Pedram Zaree , Md Abdullah Al Mamun , Quazi Mishkatul Alam , Yue Dong , Ihsen Alouani , Nael Abu-Ghazaleh

Large Reasoning Models (LRMs) have demonstrated remarkable capabilities in solving complex problems by generating structured, step-by-step reasoning content. However, exposing a model's internal reasoning process introduces additional…

Artificial Intelligence · Computer Science 2026-05-20 Zheng Lin , Zhenxing Niu , Haoxuan Ji , Yuzhe Huang , Haichang Gao

Existing gradient-based jailbreak attacks typically optimize an adversarial suffix to induce a fixed affirmative response, e.g., ``Sure, here is...''. However, this fixed target usually resides in an extremely low-density region of a…

Cryptography and Security · Computer Science 2026-01-30 Kedong Xiu , Churui Zeng , Tianhang Zheng , Xinzhe Huang , Xiaojun Jia , Di Wang , Puning Zhao , Zhan Qin , Kui Ren

Fine-tuned Large Language Models (LLMs) are vulnerable to backdoor attacks through data poisoning, yet the internal mechanisms governing these attacks remain a black box. Previous research on interpretability for LLM safety tends to focus…

Cryptography and Security · Computer Science 2025-10-01 Miao Yu , Zhenhong Zhou , Moayad Aloqaily , Kun Wang , Biwei Huang , Stephen Wang , Yueming Jin , Qingsong Wen

Downstream fine-tuning of vision-language-action (VLA) models enhances robotics, yet exposes the pipeline to backdoor risks. Attackers can pretrain VLAs on poisoned data to implant backdoors that remain stealthy but can trigger harmful…

Reinforcement Learning from Human Feedback (RLHF) remains vulnerable to reward hacking, where models exploit spurious correlations in learned reward models to achieve high scores while violating human intent. Existing mitigations rely on…

Artificial Intelligence · Computer Science 2026-02-03 Mohammad Beigi , Ming Jin , Junshan Zhang , Qifan Wang , Lifu Huang

Safety-aligned language models refuse harmful requests through learned refusal behaviors encoded in their internal representations. Recent activation-based jailbreaking methods circumvent these safety mechanisms by applying orthogonal…

Machine Learning · Computer Science 2026-03-05 Geraldin Nanfack , Eugene Belilovsky , Elvis Dohmatob

Large Language Models (LLMs) exhibit strong but shallow alignment: they directly refuse harmful queries when a refusal is expected at the very start of an assistant turn, yet this protection collapses once a harmful continuation is underway…

Machine Learning · Computer Science 2025-10-22 Jiawei Zhang , Andrew Estornell , David D. Baek , Bo Li , Xiaojun Xu

Despite rigorous safety alignment, Large Language Models (LLMs) remain vulnerable to jailbreak attacks. Existing black-box methods often rely on heuristic templates or exhaustive trials, lacking mechanistic interpretability and query…

Cryptography and Security · Computer Science 2026-05-19 Ziwei Wang , Jing Chen , Ruichao Liang , Zhi Wang , Yebo Feng , Ju Jia , Ruiying Du , Cong Wu , Yang Liu

Multi-turn jailbreaks capture the real threat model for safety-aligned chatbots, where single-turn attacks are merely a special case. Yet existing approaches break under exploration complexity and intent drift. We propose SEMA, a simple yet…

Computation and Language · Computer Science 2026-02-09 Mingqian Feng , Xiaodong Liu , Weiwei Yang , Jialin Song , Xuekai Zhu , Chenliang Xu , Jianfeng Gao

Adversarial attacks against Large Vision-Language Models (LVLMs) are crucial for exposing safety vulnerabilities in modern multimodal systems. Recent attacks based on input transformations, such as random cropping, suggest that spatially…

Computer Vision and Pattern Recognition · Computer Science 2026-02-05 Jaehyun Kwak , Nam Cao , Boryeong Cho , Segyu Lee , Sumyeong Ahn , Se-Young Yun

Large language models (LLMs) excel in various tasks but remain vulnerable to jailbreak attacks, where adversaries manipulate prompts to generate harmful outputs. Examining jailbreak prompts helps uncover the shortcomings of LLMs. However,…

Computation and Language · Computer Science 2024-12-18 Weixiong Zheng , Peijian Zeng , Yiwei Li , Hongyan Wu , Nankai Lin , Junhao Chen , Aimin Yang , Yongmei Zhou

Mechanistic interpretability reveals that safety-critical behaviors (e.g., alignment, jailbreak, backdoor) in Large Language Models (LLMs) are grounded in specialized functional components. However, existing safety attribution methods…

Machine Learning · Computer Science 2026-03-25 Miao Yu , Siyuan Fu , Moayad Aloqaily , Zhenhong Zhou , Safa Otoum , Xing fan , Kun Wang , Yufei Guo , Qingsong Wen

Long-form speech recognition is an application area of increasing research focus. ASR models based on multi-head attention (MHA) are ill-suited to long-form ASR because of their quadratic complexity in sequence length. We build on recent…

Computation and Language · Computer Science 2025-06-25 Martin Ratajczak , Jean-Philippe Robichaud , Jennifer Drexler Fox

Safety alignment in large language models (LLMs) is achieved through fine-tuning mechanisms that regulate neuron activations to suppress harmful content. In this work, we propose a novel approach to induce disalignment by identifying and…

Machine Learning · Computer Science 2025-05-01 Yi Zhou , Wenpeng Xing , Dezhang Kong , Changting Lin , Meng Han

Contextual priming, where earlier stimuli covertly bias later judgments, offers an unexplored attack surface for large language models (LLMs). We uncover a contextual priming vulnerability in which the previous response in the dialogue can…

Computation and Language · Computer Science 2025-11-24 Ziqi Miao , Lijun Li , Yuan Xiong , Zhenhua Liu , Pengyu Zhu , Jing Shao
‹ Prev 1 2 3 10 Next ›