Salvato in:
Dettagli Bibliografici
Autori principali: Zhang, Xu, Jing, Dinghao, Wan, Xiaojun
Natura: Preprint
Pubblicazione: 2024
Soggetti:
Accesso online:https://arxiv.org/abs/2403.00292
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866913507345170432
author Zhang, Xu
Jing, Dinghao
Wan, Xiaojun
author_facet Zhang, Xu
Jing, Dinghao
Wan, Xiaojun
contents As large language models(LLMs) become commonplace in practical applications, the security issues of LLMs have attracted societal concerns. Although extensive efforts have been made to safety alignment, LLMs remain vulnerable to jailbreak attacks. We find that redundant computations limit the performance of existing jailbreak attack methods. Therefore, we propose DPP-based Stochastic Trigger Searching (DSTS), a new optimization algorithm for jailbreak attacks. DSTS incorporates diversity guidance through techniques including stochastic gradient search and DPP selection during optimization. Detailed experiments and ablation studies demonstrate the effectiveness of the algorithm. Moreover, we use the proposed algorithm to compute the risk boundaries for different LLMs, providing a new perspective on LLM safety evaluation.
format Preprint
id arxiv_https___arxiv_org_abs_2403_00292
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Enhancing Jailbreak Attacks with Diversity Guidance
Zhang, Xu
Jing, Dinghao
Wan, Xiaojun
Computation and Language
As large language models(LLMs) become commonplace in practical applications, the security issues of LLMs have attracted societal concerns. Although extensive efforts have been made to safety alignment, LLMs remain vulnerable to jailbreak attacks. We find that redundant computations limit the performance of existing jailbreak attack methods. Therefore, we propose DPP-based Stochastic Trigger Searching (DSTS), a new optimization algorithm for jailbreak attacks. DSTS incorporates diversity guidance through techniques including stochastic gradient search and DPP selection during optimization. Detailed experiments and ablation studies demonstrate the effectiveness of the algorithm. Moreover, we use the proposed algorithm to compute the risk boundaries for different LLMs, providing a new perspective on LLM safety evaluation.
title Enhancing Jailbreak Attacks with Diversity Guidance
topic Computation and Language
url https://arxiv.org/abs/2403.00292