Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Preprint |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2409.16783 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1866917786692878336 |
|---|---|
| author | Zhang, Jinchuan Zhou, Yan Liu, Yaxin Li, Ziming Hu, Songlin |
| author_facet | Zhang, Jinchuan Zhou, Yan Liu, Yaxin Li, Ziming Hu, Songlin |
| contents | Automated red teaming is an effective method for identifying misaligned behaviors in large language models (LLMs). Existing approaches, however, often focus primarily on improving attack success rates while overlooking the need for comprehensive test case coverage. Additionally, most of these methods are limited to single-turn red teaming, failing to capture the multi-turn dynamics of real-world human-machine interactions. To overcome these limitations, we propose HARM (Holistic Automated Red teaMing), which scales up the diversity of test cases using a top-down approach based on an extensible, fine-grained risk taxonomy. Our method also leverages a novel fine-tuning strategy and reinforcement learning techniques to facilitate multi-turn adversarial probing in a human-like manner. Experimental results demonstrate that our framework enables a more systematic understanding of model vulnerabilities and offers more targeted guidance for the alignment process. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2409_16783 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction Zhang, Jinchuan Zhou, Yan Liu, Yaxin Li, Ziming Hu, Songlin Computation and Language Artificial Intelligence Cryptography and Security Automated red teaming is an effective method for identifying misaligned behaviors in large language models (LLMs). Existing approaches, however, often focus primarily on improving attack success rates while overlooking the need for comprehensive test case coverage. Additionally, most of these methods are limited to single-turn red teaming, failing to capture the multi-turn dynamics of real-world human-machine interactions. To overcome these limitations, we propose HARM (Holistic Automated Red teaMing), which scales up the diversity of test cases using a top-down approach based on an extensible, fine-grained risk taxonomy. Our method also leverages a novel fine-tuning strategy and reinforcement learning techniques to facilitate multi-turn adversarial probing in a human-like manner. Experimental results demonstrate that our framework enables a more systematic understanding of model vulnerabilities and offers more targeted guidance for the alignment process. |
| title | Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction |
| topic | Computation and Language Artificial Intelligence Cryptography and Security |
| url | https://arxiv.org/abs/2409.16783 |