Saved in:
Bibliographic Details
Main Authors: Krylov, Alexey, Vagizov, Iskander, Korzh, Dmitrii, Douiba, Maryam, Guezzaz, Azidine, Kokh, Vladimir, Erokhin, Sergey D., Tutubalina, Elena V., Rogov, Oleg Y.
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2508.16484
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866915457277100032
author Krylov, Alexey
Vagizov, Iskander
Korzh, Dmitrii
Douiba, Maryam
Guezzaz, Azidine
Kokh, Vladimir
Erokhin, Sergey D.
Tutubalina, Elena V.
Rogov, Oleg Y.
author_facet Krylov, Alexey
Vagizov, Iskander
Korzh, Dmitrii
Douiba, Maryam
Guezzaz, Azidine
Kokh, Vladimir
Erokhin, Sergey D.
Tutubalina, Elena V.
Rogov, Oleg Y.
contents Large Language Models (LLMs), especially their compact efficiency-oriented variants, remain susceptible to jailbreak attacks that can elicit harmful outputs despite extensive alignment efforts. Existing adversarial prompt generation techniques often rely on manual engineering or rudimentary obfuscation, producing low-quality or incoherent text that is easily flagged by perplexity-based filters. We present an automated red-teaming framework that evolves semantically meaningful and stealthy jailbreak prompts for aligned compact LLMs. The approach employs a multi-stage evolutionary search, where candidate prompts are iteratively refined using a population-based strategy augmented with temperature-controlled variability to balance exploration and coherence preservation. This enables the systematic discovery of prompts capable of bypassing alignment safeguards while maintaining natural language fluency. We evaluate our method on benchmarks in English (In-The-Wild Jailbreak Prompts on LLMs), and a newly curated Arabic one derived from In-The-Wild Jailbreak Prompts on LLMs and annotated by native Arabic linguists, enabling multilingual assessment.
format Preprint
id arxiv_https___arxiv_org_abs_2508_16484
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle HAMSA: Hijacking Aligned Compact Models via Stealthy Automation
Krylov, Alexey
Vagizov, Iskander
Korzh, Dmitrii
Douiba, Maryam
Guezzaz, Azidine
Kokh, Vladimir
Erokhin, Sergey D.
Tutubalina, Elena V.
Rogov, Oleg Y.
Computation and Language
Large Language Models (LLMs), especially their compact efficiency-oriented variants, remain susceptible to jailbreak attacks that can elicit harmful outputs despite extensive alignment efforts. Existing adversarial prompt generation techniques often rely on manual engineering or rudimentary obfuscation, producing low-quality or incoherent text that is easily flagged by perplexity-based filters. We present an automated red-teaming framework that evolves semantically meaningful and stealthy jailbreak prompts for aligned compact LLMs. The approach employs a multi-stage evolutionary search, where candidate prompts are iteratively refined using a population-based strategy augmented with temperature-controlled variability to balance exploration and coherence preservation. This enables the systematic discovery of prompts capable of bypassing alignment safeguards while maintaining natural language fluency. We evaluate our method on benchmarks in English (In-The-Wild Jailbreak Prompts on LLMs), and a newly curated Arabic one derived from In-The-Wild Jailbreak Prompts on LLMs and annotated by native Arabic linguists, enabling multilingual assessment.
title HAMSA: Hijacking Aligned Compact Models via Stealthy Automation
topic Computation and Language
url https://arxiv.org/abs/2508.16484