English
Related papers

Related papers: Steering Beyond the Support: Adversarial Training …

200 papers

Activation steering has emerged as a powerful tool to shape LLM behavior without the need for weight updates. While its inherent brittleness and unreliability are well-documented, its safety implications remain underexplored. In this work,…

Cryptography and Security · Computer Science 2026-03-26 Yuxiao Li , Alina Fastowski , Efstratios Zaradoukas , Bardh Prenkaj , Gjergji Kasneci

Activation steering is a practical post-training model alignment technique to enhance the utility of Large Language Models (LLMs). Prior to deploying a model as a service, developers can steer a pre-trained model toward specific behavioral…

Cryptography and Security · Computer Science 2026-02-06 Chen Xiong , Zhiyuan He , Pin-Yu Chen , Ching-Yun Ko , Tsung-Yi Ho

Jailbreaking is an emerging adversarial attack that bypasses the safety alignment deployed in off-the-shelf large language models (LLMs). A considerable amount of research exists proposing more effective jailbreak attacks, including the…

Cryptography and Security · Computer Science 2024-03-05 Daoyuan Wu , Shuai Wang , Yang Liu , Ning Liu

Although safely enhanced Large Language Models (LLMs) have achieved remarkable success in tackling various complex tasks in a zero-shot manner, they remain susceptible to jailbreak attacks, particularly the unknown jailbreak attack. To…

Computation and Language · Computer Science 2024-06-12 Fan Liu , Zhao Xu , Hao Liu

As vision-language models (VLMs) are increasingly deployed in open-world scenarios, they can be easily induced by visual jailbreak attacks to generate harmful content, posing serious risks to model safety and trustworthy usage. Recent…

Computer Vision and Pattern Recognition · Computer Science 2026-03-26 Xingyu Zhu , Beier Zhu , Shuo Wang , Junfeng Fang , Kesen Zhao , Hanwang Zhang , Xiangnan He

As LLMs are increasingly deployed in real-world applications, ensuring their ability to refuse malicious prompts, especially jailbreak attacks, is essential for safe and reliable use. Recently, activation steering has emerged as an…

Machine Learning · Computer Science 2026-02-10 Leheng Sheng , Changshuo Shen , Weixiang Zhao , Junfeng Fang , Xiaohao Liu , Zhenkai Liang , Xiang Wang , An Zhang , Tat-Seng Chua

Large language models (LLMs) are shown to be vulnerable to jailbreaking attacks where adversarial prompts are designed to elicit harmful responses. While existing defenses effectively mitigate single-turn attacks by detecting and filtering…

Computation and Language · Computer Science 2026-02-17 Hanjiang Hu , Alexander Robey , Changliu Liu

Vision Language Models (VLMs) can produce unintended and harmful content when exposed to adversarial attacks, particularly because their vision capabilities create new vulnerabilities. Existing defenses, such as input preprocessing,…

Computer Vision and Pattern Recognition · Computer Science 2025-05-05 Han Wang , Gang Wang , Huan Zhang

Safety-aligned LLMs respond to prompts with either compliance or refusal, each corresponding to distinct directions in the model's activation space. Recent works show that initializing attacks via self-transfer from other prompts…

Cryptography and Security · Computer Science 2025-10-09 Amit Levi , Rom Himelstein , Yaniv Nemcovsky , Avi Mendelson , Chaim Baskin

Despite extensive efforts in safety alignment, large language models (LLMs) remain vulnerable to jailbreak attacks. Activation steering offers a training-free defense method but relies on fixed steering coefficients, resulting in suboptimal…

Cryptography and Security · Computer Science 2025-09-22 Weixiang Zhao , Jiahe Guo , Yulin Hu , Yang Deng , An Zhang , Xingyu Sui , Xinyang Han , Yanyan Zhao , Bing Qin , Tat-Seng Chua , Ting Liu

Jailbreaking is an emerging adversarial attack that bypasses the safety alignment deployed in off-the-shelf large language models (LLMs) and has evolved into multiple categories: human-based, optimization-based, generation-based, and the…

Cryptography and Security · Computer Science 2025-02-06 Xunguang Wang , Daoyuan Wu , Zhenlan Ji , Zongjie Li , Pingchuan Ma , Shuai Wang , Yingjiu Li , Yang Liu , Ning Liu , Juergen Rahmel

Large Language Models (LLMs) have demonstrated remarkable capabilities across various tasks, yet they remain vulnerable to adversarial manipulations such as jailbreaking via prompt injection attacks. These attacks bypass safety mechanisms…

Machine Learning · Computer Science 2025-07-08 Xin Wei Chia , Swee Liang Wong , Jonathan Pan

Extensive work has been devoted to improving the safety mechanism of Large Language Models (LLMs). However, LLMs still tend to generate harmful responses when faced with malicious instructions, a phenomenon referred to as "Jailbreak…

Computation and Language · Computer Science 2024-02-26 Yanrui Du , Sendong Zhao , Ming Ma , Yuhan Chen , Bing Qin

Recent work has demonstrated the potential of contrastive steering for jailbreaking Large Language Models (LLMs). However, existing methods rely on limited and inherently biased contrastive prompts and require laborious manual tuning of…

Cryptography and Security · Computer Science 2026-05-21 Junxi Chen , Junhao Dong , Xiaohua Xie

Activation steering is a promising technique for controlling LLM behavior by adding semantically meaningful vectors directly into a model's hidden states during inference. It is often framed as a precise, interpretable, and potentially…

Machine Learning · Computer Science 2026-02-17 Anton Korznikov , Andrey Galichin , Alexey Dontsov , Oleg Y. Rogov , Ivan Oseledets , Elena Tutubalina

Iterative jailbreak methods that repeatedly rewrite and input prompts into large language models (LLMs) to induce harmful outputs -- using the model's previous responses to guide each new iteration -- have been found to be a highly…

Computation and Language · Computer Science 2025-10-21 Masahiro Kaneko , Zeerak Talat , Timothy Baldwin

This study reveals a critical safety blind spot in modern LLMs: learning-style queries, which closely resemble ordinary educational questions, can reliably elicit harmful responses. The learning-style queries are constructed by a novel…

Cryptography and Security · Computer Science 2026-02-25 Xuan Luo , Yue Wang , Zefeng He , Geng Tu , Jing Li , Ruifeng Xu

Alignment in LLMs is more brittle than commonly assumed: misalignment can be triggered by adversarial prompts, benign fine-tuning, emergent misalignment, and goal misgeneralization. Recent evidence suggests that some misalignment behaviors…

Artificial Intelligence · Computer Science 2026-04-10 Niklas Herbster , Martin Zborowski , Alberto Tosato , Gauthier Gidel , Tommaso Tosato

As large language models (LLMs) become integrated into everyday applications, ensuring their robustness and security is increasingly critical. In particular, LLMs can be manipulated into unsafe behaviour by prompts known as jailbreaks. The…

Safety and security remain critical concerns in AI deployment. Despite safety training through reinforcement learning with human feedback (RLHF) [ 32], language models remain vulnerable to jailbreak attacks that bypass safety guardrails.…

Cryptography and Security · Computer Science 2025-04-29 Julien Piet , Xiao Huang , Dennis Jacob , Annabella Chow , Maha Alrashed , Geng Zhao , Zhanhao Hu , Chawin Sitawarin , Basel Alomair , David Wagner
‹ Prev 1 2 3 10 Next ›