English
Related papers

Related papers: Latent-space Attacks for Refusal Evasion in Langua…

200 papers

Recent work has shown that language models' refusal behavior is primarily encoded in a single direction in their latent space, making it vulnerable to targeted attacks. Although Latent Adversarial Training (LAT) attempts to improve…

Computation and Language · Computer Science 2025-04-29 Alexandra Abbas , Nora Petrova , Helios Ael Lyons , Natalia Perez-Campanero

Safety-aligned language models refuse harmful requests through learned refusal behaviors encoded in their internal representations. Recent activation-based jailbreaking methods circumvent these safety mechanisms by applying orthogonal…

Machine Learning · Computer Science 2026-03-05 Geraldin Nanfack , Eugene Belilovsky , Elvis Dohmatob

Conversational large language models are fine-tuned for both instruction-following and safety, resulting in models that obey benign requests but refuse harmful ones. While this refusal behavior is widespread across chat models, its…

Machine Learning · Computer Science 2024-11-01 Andy Arditi , Oscar Obeso , Aaquib Syed , Daniel Paleka , Nina Panickssery , Wes Gurnee , Neel Nanda

Refusal is a key safety behavior in aligned language models, yet the internal mechanisms driving refusals remain opaque. In this work, we conduct a mechanistic study of refusal in instruction-tuned LLMs using sparse autoencoders to identify…

Computation and Language · Computer Science 2025-05-30 Wei Jie Yeo , Nirmalendu Prakash , Clement Neo , Roy Ka-Wei Lee , Erik Cambria , Ranjan Satapathy

Jailbreak attacks pose persistent threats to large language models (LLMs). Current safety alignment methods have attempted to address these issues, but they experience two significant limitations: insufficient safety alignment depth and…

Cryptography and Security · Computer Science 2025-09-19 Yuanbo Xie , Yingjie Zhang , Tianyun Liu , Duohe Ma , Tingwen Liu

Large language models (LLMs) are typically aligned to refuse harmful instructions through safety fine-tuning. A recent attack, termed abliteration, identifies and suppresses the single latent direction most responsible for refusal behavior,…

Computation and Language · Computer Science 2025-10-08 Harethah Abu Shairah , Hasan Abed Al Kader Hammoud , Bernard Ghanem , George Turkiyyah

Safety alignment is a key requirement for building reliable Artificial General Intelligence. Despite significant advances in safety alignment, we observe that minor latent shifts can still trigger unsafe responses in aligned models. We…

Machine Learning · Computer Science 2025-06-23 Tianle Gu , Kexin Huang , Zongqi Wang , Yixu Wang , Jie Li , Yuanqi Yao , Yang Yao , Yujiu Yang , Yan Teng , Yingchun Wang

Aligned language models that are trained to refuse harmful requests also exhibit over-refusal: they decline safe instructions that seemingly resemble harmful instructions. A natural approach is to ablate the global refusal direction,…

Computation and Language · Computer Science 2026-05-29 Utsav Maskey , Mark Dras , Usman Naseem

Prior work argues that refusal in large language models is mediated by a single activation-space direction, enabling effective steering and ablation. We show that this account is incomplete. Across eleven categories of refusal and…

Computation and Language · Computer Science 2026-02-03 Faaiz Joad , Majd Hawasly , Sabri Boughorbel , Nadir Durrani , Husrev Taha Sencar

This study reveals a previously unexplored vulnerability in the safety alignment of Large Language Models (LLMs). Existing aligned LLMs predominantly respond to unsafe queries with refusals, which often begin with a fixed set of prefixes…

Cryptography and Security · Computer Science 2026-01-28 Yangyang Guo , Ziwei Xu , Si Liu , Zhiming Zheng , Mohan Kankanhalli

Refusal mechanisms in large language models (LLMs) are essential for ensuring safety. Recent research has revealed that refusal behavior can be mediated by a single direction in activation space, enabling targeted interventions to bypass…

Computation and Language · Computer Science 2026-02-26 Xinpeng Wang , Mingyang Wang , Yihong Liu , Hinrich Schütze , Barbara Plank

Jailbreaks are adversarial attacks designed to bypass the built-in safety mechanisms of large language models. Automated jailbreaks typically optimize an adversarial suffix or adapt long prompt templates by forcing the model to generate the…

Computation and Language · Computer Science 2025-10-31 Raffaele Mura , Giorgio Piras , Kamilė Lukošiūtė , Maura Pintor , Amin Karbasi , Battista Biggio

Recent advancements in large language models (LLMs) have demonstrated that fine-tuning and human alignment can render LLMs harmless. In practice, such "harmlessness" behavior is mainly achieved by training models to reject harmful requests,…

Computation and Language · Computer Science 2025-03-25 Shengyun Si , Xinpeng Wang , Guangyao Zhai , Nassir Navab , Barbara Plank

Refusal refers to the functional behavior enabling safety-aligned language models to reject harmful or unethical prompts. Following the growing scientific interest in mechanistic interpretability, recent work encoded refusal behavior as a…

Artificial Intelligence · Computer Science 2026-03-25 Giorgio Piras , Raffaele Mura , Fabio Brau , Luca Oneto , Fabio Roli , Battista Biggio

Training a language model to be both helpful and harmless requires careful calibration of refusal behaviours: Models should refuse to follow malicious instructions or give harmful advice (e.g."how do I kill someone?"), but they should not…

Computation and Language · Computer Science 2025-03-05 Xinpeng Wang , Chengzhi Hu , Paul Röttger , Barbara Plank

Current safety evaluations of language models rely on benchmark-based assessments that may miss localized vulnerabilities. We present RepIt, a simple and data-efficient framework for isolating concept-specific representations in LM…

Artificial Intelligence · Computer Science 2026-04-22 Vincent Siu , Nathan W. Henry , Nicholas Crispino , Yang Liu , Dawn Song , Chenguang Wang

Refusal on harmful prompts is a key safety behaviour in instruction-tuned large language models (LLMs), yet the internal causes of this behaviour remain poorly understood. We study two public instruction-tuned models, Gemma-2-2B-IT and…

Computation and Language · Computer Science 2026-04-29 Nirmalendu Prakash , Yeo Wei Jie , Amir Abdullah , Ranjan Satapathy , Erik Cambria , Roy Ka Wei Lee

Recent research studies revealed that neural networks are vulnerable to adversarial attacks. State-of-the-art defensive techniques add various adversarial examples in training to improve models' adversarial robustness. However, these…

Machine Learning · Computer Science 2019-09-13 Chang Song , Zuoguan Wang , Hai Li

Fine-tuning safety-aligned language models for downstream tasks often leads to substantial degradation of refusal behavior, making models vulnerable to adversarial misuse. While prior work has shown that safety-relevant features are encoded…

Machine Learning · Computer Science 2026-05-05 Sadia Asif , Mohammad Mohammadi Amiri

In LLM-based text-to-SQL systems, unanswerable and underspecified user queries may generate not only incorrect text but also executable programs that yield misleading results or violate safety constraints, posing a major barrier to safe…

Artificial Intelligence · Computer Science 2026-04-15 Xuancheng Ren , Shijing Hu , Zhihui Lu , Jiangqi Huang , Qiang Duan
‹ Prev 1 2 3 10 Next ›