中文
相关论文

相关论文: Steering Beyond the Support: Adversarial Training …

200 篇论文

Activation steering has emerged as a powerful tool to shape LLM behavior without the need for weight updates. While its inherent brittleness and unreliability are well-documented, its safety implications remain underexplored. In this work,…

密码学与安全 · 计算机科学 2026-03-26 Yuxiao Li , Alina Fastowski , Efstratios Zaradoukas , Bardh Prenkaj , Gjergji Kasneci

Activation steering is a practical post-training model alignment technique to enhance the utility of Large Language Models (LLMs). Prior to deploying a model as a service, developers can steer a pre-trained model toward specific behavioral…

密码学与安全 · 计算机科学 2026-02-06 Chen Xiong , Zhiyuan He , Pin-Yu Chen , Ching-Yun Ko , Tsung-Yi Ho

Jailbreaking is an emerging adversarial attack that bypasses the safety alignment deployed in off-the-shelf large language models (LLMs). A considerable amount of research exists proposing more effective jailbreak attacks, including the…

密码学与安全 · 计算机科学 2024-03-05 Daoyuan Wu , Shuai Wang , Yang Liu , Ning Liu

Although safely enhanced Large Language Models (LLMs) have achieved remarkable success in tackling various complex tasks in a zero-shot manner, they remain susceptible to jailbreak attacks, particularly the unknown jailbreak attack. To…

计算与语言 · 计算机科学 2024-06-12 Fan Liu , Zhao Xu , Hao Liu

As vision-language models (VLMs) are increasingly deployed in open-world scenarios, they can be easily induced by visual jailbreak attacks to generate harmful content, posing serious risks to model safety and trustworthy usage. Recent…

计算机视觉与模式识别 · 计算机科学 2026-03-26 Xingyu Zhu , Beier Zhu , Shuo Wang , Junfeng Fang , Kesen Zhao , Hanwang Zhang , Xiangnan He

As LLMs are increasingly deployed in real-world applications, ensuring their ability to refuse malicious prompts, especially jailbreak attacks, is essential for safe and reliable use. Recently, activation steering has emerged as an…

Large language models (LLMs) are shown to be vulnerable to jailbreaking attacks where adversarial prompts are designed to elicit harmful responses. While existing defenses effectively mitigate single-turn attacks by detecting and filtering…

计算与语言 · 计算机科学 2026-02-17 Hanjiang Hu , Alexander Robey , Changliu Liu

Vision Language Models (VLMs) can produce unintended and harmful content when exposed to adversarial attacks, particularly because their vision capabilities create new vulnerabilities. Existing defenses, such as input preprocessing,…

计算机视觉与模式识别 · 计算机科学 2025-05-05 Han Wang , Gang Wang , Huan Zhang

Safety-aligned LLMs respond to prompts with either compliance or refusal, each corresponding to distinct directions in the model's activation space. Recent works show that initializing attacks via self-transfer from other prompts…

密码学与安全 · 计算机科学 2025-10-09 Amit Levi , Rom Himelstein , Yaniv Nemcovsky , Avi Mendelson , Chaim Baskin

Despite extensive efforts in safety alignment, large language models (LLMs) remain vulnerable to jailbreak attacks. Activation steering offers a training-free defense method but relies on fixed steering coefficients, resulting in suboptimal…

密码学与安全 · 计算机科学 2025-09-22 Weixiang Zhao , Jiahe Guo , Yulin Hu , Yang Deng , An Zhang , Xingyu Sui , Xinyang Han , Yanyan Zhao , Bing Qin , Tat-Seng Chua , Ting Liu

Jailbreaking is an emerging adversarial attack that bypasses the safety alignment deployed in off-the-shelf large language models (LLMs) and has evolved into multiple categories: human-based, optimization-based, generation-based, and the…

密码学与安全 · 计算机科学 2025-02-06 Xunguang Wang , Daoyuan Wu , Zhenlan Ji , Zongjie Li , Pingchuan Ma , Shuai Wang , Yingjiu Li , Yang Liu , Ning Liu , Juergen Rahmel

Large Language Models (LLMs) have demonstrated remarkable capabilities across various tasks, yet they remain vulnerable to adversarial manipulations such as jailbreaking via prompt injection attacks. These attacks bypass safety mechanisms…

机器学习 · 计算机科学 2025-07-08 Xin Wei Chia , Swee Liang Wong , Jonathan Pan

Extensive work has been devoted to improving the safety mechanism of Large Language Models (LLMs). However, LLMs still tend to generate harmful responses when faced with malicious instructions, a phenomenon referred to as "Jailbreak…

计算与语言 · 计算机科学 2024-02-26 Yanrui Du , Sendong Zhao , Ming Ma , Yuhan Chen , Bing Qin

Recent work has demonstrated the potential of contrastive steering for jailbreaking Large Language Models (LLMs). However, existing methods rely on limited and inherently biased contrastive prompts and require laborious manual tuning of…

密码学与安全 · 计算机科学 2026-05-21 Junxi Chen , Junhao Dong , Xiaohua Xie

Activation steering is a promising technique for controlling LLM behavior by adding semantically meaningful vectors directly into a model's hidden states during inference. It is often framed as a precise, interpretable, and potentially…

机器学习 · 计算机科学 2026-02-17 Anton Korznikov , Andrey Galichin , Alexey Dontsov , Oleg Y. Rogov , Ivan Oseledets , Elena Tutubalina

Iterative jailbreak methods that repeatedly rewrite and input prompts into large language models (LLMs) to induce harmful outputs -- using the model's previous responses to guide each new iteration -- have been found to be a highly…

计算与语言 · 计算机科学 2025-10-21 Masahiro Kaneko , Zeerak Talat , Timothy Baldwin

This study reveals a critical safety blind spot in modern LLMs: learning-style queries, which closely resemble ordinary educational questions, can reliably elicit harmful responses. The learning-style queries are constructed by a novel…

密码学与安全 · 计算机科学 2026-02-25 Xuan Luo , Yue Wang , Zefeng He , Geng Tu , Jing Li , Ruifeng Xu

Alignment in LLMs is more brittle than commonly assumed: misalignment can be triggered by adversarial prompts, benign fine-tuning, emergent misalignment, and goal misgeneralization. Recent evidence suggests that some misalignment behaviors…

人工智能 · 计算机科学 2026-04-10 Niklas Herbster , Martin Zborowski , Alberto Tosato , Gauthier Gidel , Tommaso Tosato

As large language models (LLMs) become integrated into everyday applications, ensuring their robustness and security is increasingly critical. In particular, LLMs can be manipulated into unsafe behaviour by prompts known as jailbreaks. The…

Safety and security remain critical concerns in AI deployment. Despite safety training through reinforcement learning with human feedback (RLHF) [ 32], language models remain vulnerable to jailbreak attacks that bypass safety guardrails.…

‹ 上一页 1 2 3 10 下一页 ›