Saved in:
Bibliographic Details
Main Authors: Ma, Tengyun, Yao, Jiaqi, He, Daojing, Peng, Shihao, Li, Yu, Liu, Shaohui, Tian, Zhuotao
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2512.03720
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912746317021184
author Ma, Tengyun
Yao, Jiaqi
He, Daojing
Peng, Shihao
Li, Yu
Liu, Shaohui
Tian, Zhuotao
author_facet Ma, Tengyun
Yao, Jiaqi
He, Daojing
Peng, Shihao
Li, Yu
Liu, Shaohui
Tian, Zhuotao
contents Large Language Models (LLMs) have emerged as powerful tools for diverse applications. However, their uniform token processing paradigm introduces critical vulnerabilities in instruction handling, particularly when exposed to adversarial scenarios. In this work, we identify and propose a novel class of vulnerabilities, termed Tool-Completion Attack (TCA), which exploits function-calling mechanisms to subvert model behavior. To evaluate LLM robustness against such threats, we introduce the Tool-Completion benchmark, a comprehensive security assessment framework, which reveals that even state-of-the-art models remain susceptible to TCA, with surprisingly high attack success rates. To address these vulnerabilities, we introduce Context-Aware Hierarchical Learning (CAHL), a sophisticated mechanism that dynamically balances semantic comprehension with role-specific instruction constraints. CAHL leverages the contextual correlations between different instruction segments to establish a robust, context-aware instruction hierarchy. Extensive experiments demonstrate that CAHL significantly enhances LLM robustness against both conventional attacks and the proposed TCA, exhibiting strong generalization capabilities in zero-shot evaluations while still preserving model performance on generic tasks. Our code is available at https://github.com/S2AILab/CAHL.
format Preprint
id arxiv_https___arxiv_org_abs_2512_03720
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Context-Aware Hierarchical Learning: A Two-Step Paradigm towards Safer LLMs
Ma, Tengyun
Yao, Jiaqi
He, Daojing
Peng, Shihao
Li, Yu
Liu, Shaohui
Tian, Zhuotao
Cryptography and Security
Artificial Intelligence
Large Language Models (LLMs) have emerged as powerful tools for diverse applications. However, their uniform token processing paradigm introduces critical vulnerabilities in instruction handling, particularly when exposed to adversarial scenarios. In this work, we identify and propose a novel class of vulnerabilities, termed Tool-Completion Attack (TCA), which exploits function-calling mechanisms to subvert model behavior. To evaluate LLM robustness against such threats, we introduce the Tool-Completion benchmark, a comprehensive security assessment framework, which reveals that even state-of-the-art models remain susceptible to TCA, with surprisingly high attack success rates. To address these vulnerabilities, we introduce Context-Aware Hierarchical Learning (CAHL), a sophisticated mechanism that dynamically balances semantic comprehension with role-specific instruction constraints. CAHL leverages the contextual correlations between different instruction segments to establish a robust, context-aware instruction hierarchy. Extensive experiments demonstrate that CAHL significantly enhances LLM robustness against both conventional attacks and the proposed TCA, exhibiting strong generalization capabilities in zero-shot evaluations while still preserving model performance on generic tasks. Our code is available at https://github.com/S2AILab/CAHL.
title Context-Aware Hierarchical Learning: A Two-Step Paradigm towards Safer LLMs
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2512.03720