Saved in:
Bibliographic Details
Main Authors: Yao, Dongyu, Zhang, Jianshu, Harris, Ian G., Carlsson, Marcel
Format: Preprint
Published: 2023
Subjects:
Online Access:https://arxiv.org/abs/2309.05274
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914752059408384
author Yao, Dongyu
Zhang, Jianshu
Harris, Ian G.
Carlsson, Marcel
author_facet Yao, Dongyu
Zhang, Jianshu
Harris, Ian G.
Carlsson, Marcel
contents Jailbreak vulnerabilities in Large Language Models (LLMs), which exploit meticulously crafted prompts to elicit content that violates service guidelines, have captured the attention of research communities. While model owners can defend against individual jailbreak prompts through safety training strategies, this relatively passive approach struggles to handle the broader category of similar jailbreaks. To tackle this issue, we introduce FuzzLLM, an automated fuzzing framework designed to proactively test and discover jailbreak vulnerabilities in LLMs. We utilize templates to capture the structural integrity of a prompt and isolate key features of a jailbreak class as constraints. By integrating different base classes into powerful combo attacks and varying the elements of constraints and prohibited questions, FuzzLLM enables efficient testing with reduced manual effort. Extensive experiments demonstrate FuzzLLM's effectiveness and comprehensiveness in vulnerability discovery across various LLMs.
format Preprint
id arxiv_https___arxiv_org_abs_2309_05274
institution arXiv
publishDate 2023
record_format arxiv
spellingShingle FuzzLLM: A Novel and Universal Fuzzing Framework for Proactively Discovering Jailbreak Vulnerabilities in Large Language Models
Yao, Dongyu
Zhang, Jianshu
Harris, Ian G.
Carlsson, Marcel
Cryptography and Security
Jailbreak vulnerabilities in Large Language Models (LLMs), which exploit meticulously crafted prompts to elicit content that violates service guidelines, have captured the attention of research communities. While model owners can defend against individual jailbreak prompts through safety training strategies, this relatively passive approach struggles to handle the broader category of similar jailbreaks. To tackle this issue, we introduce FuzzLLM, an automated fuzzing framework designed to proactively test and discover jailbreak vulnerabilities in LLMs. We utilize templates to capture the structural integrity of a prompt and isolate key features of a jailbreak class as constraints. By integrating different base classes into powerful combo attacks and varying the elements of constraints and prohibited questions, FuzzLLM enables efficient testing with reduced manual effort. Extensive experiments demonstrate FuzzLLM's effectiveness and comprehensiveness in vulnerability discovery across various LLMs.
title FuzzLLM: A Novel and Universal Fuzzing Framework for Proactively Discovering Jailbreak Vulnerabilities in Large Language Models
topic Cryptography and Security
url https://arxiv.org/abs/2309.05274