Diversity Helps Jailbreak Large Language Models
Zhao, Weiliang, Ben-Levi, Daniel, Yang, Junfeng, Mao, Chengzhi
–arXiv.org Artificial Intelligence
We have uncovered a powerful jailbreak technique that leverages large language models' ability to diverge from prior context, enabling them to bypass safety constraints and generate harmful outputs. By simply instructing the LLM to deviate and obfuscate previous attacks, our method dramatically outperforms existing approaches, achieving up to a 62% higher success rate in compromising nine leading chatbots, including GPT-4, Gemini, and Llama, while using only 13% of the queries. This revelation exposes a critical flaw in current LLM safety training, suggesting that existing methods may merely mask vulnerabilities rather than eliminate them. Our findings sound an urgent alarm for the need to revolutionize testing methodologies to ensure robust and reliable LLM security. Figure 1: Example of our successful jailbreak attack on OpenAI's new model GPT-4o, where the attack goal is to write a tutorial on how to make and distribute counterfeit goods. The adversarial prompt was generated during ...
arXiv.org Artificial Intelligence
Nov-6-2024
- Country:
- North America > United States > New York > New York County > New York City (0.04)
- Genre:
- Research Report > New Finding (1.00)
- Industry:
- Information Technology > Security & Privacy (1.00)
- Government (0.93)
- Law Enforcement & Public Safety (0.93)
- Media > News (0.68)
- Technology: