Bibliographic Details
Main Authors: Zhang, Jinchuan, Zhou, Yan, Liu, Yaxin, Li, Ziming, Hu, Songlin
Format: Preprint
Published: 2024
Subjects:
Online Access: https://arxiv.org/abs/2409.16783
contents Automated red teaming is an effective method for identifying misaligned behaviors in large language models (LLMs). Existing approaches, however, often focus primarily on improving attack success rates while overlooking the need for comprehensive test case coverage. Additionally, most of these methods are limited to single-turn red teaming, failing to capture the multi-turn dynamics of real-world human-machine interactions. To overcome these limitations, we propose HARM (Holistic Automated Red teaMing), which scales up the diversity of test cases using a top-down approach based on an extensible, fine-grained risk taxonomy. Our method also leverages a novel fine-tuning strategy and reinforcement learning techniques to facilitate multi-turn adversarial probing in a human-like manner. Experimental results demonstrate that our framework enables a more systematic understanding of model vulnerabilities and offers more targeted guidance for the alignment process.
format Preprint
id arxiv_https___arxiv_org_abs_2409_16783
institution arXiv
publishDate 2024
record_format arxiv
title Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction
topic Computation and Language
Artificial Intelligence
Cryptography and Security