Tree of Attacks: Jailbreaking Black-Box LLMs Automatically

4 December 2023

Papers citing "Tree of Attacks: Jailbreaking Black-Box LLMs Automatically"

50 / 169 papers shown

Title
A Survey of Attacks on Large Language Models Wenrui Xu Keshab K. Parhi AAML ELM 14 0 0 18 May 2025
One Trigger Token Is Enough: A Defense Strategy for Balancing Safety and Usability in Large Language Models Haoran Gu Handing Wang Yi Mei Mengjie Zhang Yaochu Jin 27 0 0 12 May 2025
OET: Optimization-based prompt injection Evaluation Toolkit Jinsheng Pan Xiaogeng Liu Chaowei Xiao AAML 71 0 0 01 May 2025
Token-Efficient Prompt Injection Attack: Provoking Cessation in LLM Reasoning via Adaptive Token Compression Yu Cui Yujun Cai Yijiao Wang SILM AAML LRM 49 1 0 29 Apr 2025
A Cryptographic Perspective on Mitigation vs. Detection in Machine Learning Greg Gluch Shafi Goldwasser AAML 37 0 0 28 Apr 2025
Prompt Injection Attack to Tool Selection in LLM Agents Jiawen Shi Zenghui Yuan Guiyao Tie Pan Zhou Neil Zhenqiang Gong Lichao Sun LLMAG 51 0 0 28 Apr 2025
JailbreaksOverTime: Detecting Jailbreak Attacks Under Distribution Shift Julien Piet Xiao Huang Dennis Jacob Annabella Chow Maha Alrashed Geng Zhao Zhanhao Hu Chawin Sitawarin Basel Alomair David Wagner AAML 70 0 0 28 Apr 2025
Graph of Attacks: Improved Black-Box and Interpretable Jailbreaks for LLMs Mohammad Akbar-Tajari Mohammad Taher Pilehvar Mohammad Mahmoody AAML 51 0 0 26 Apr 2025
WASP: Benchmarking Web Agent Security Against Prompt Injection Attacks Ivan Evtimov Arman Zharmagambetov Aaron Grattafiori Chuan Guo Kamalika Chaudhuri AAML 35 1 0 22 Apr 2025
RainbowPlus: Enhancing Adversarial Prompt Generation via Evolutionary Quality-Diversity Search Quy-Anh Dang Chris Ngo Truong-Son Hy AAML SyDa 33 0 0 21 Apr 2025
GraphAttack: Exploiting Representational Blindspots in LLM Safety Mechanisms Sinan He An Wang 35 0 0 17 Apr 2025
The Jailbreak Tax: How Useful are Your Jailbreak Outputs? Kristina Nikolić Luze Sun Jie Zhang F. Tramèr 28 0 0 14 Apr 2025
Benchmarking Adversarial Robustness to Bias Elicitation in Large Language Models: Scalable Automated Assessment with LLM-as-a-Judge Riccardo Cantini A. Orsino Massimo Ruggiero Domenico Talia AAML ELM 45 0 0 10 Apr 2025
Geneshift: Impact of different scenario shift on Jailbreaking LLM Tianyi Wu Zhiwei Xue Yue Liu Jiaheng Zhang Bryan Hooi See-Kiong Ng 41 0 0 10 Apr 2025
NLP Security and Ethics, in the Wild Heather Lent Erick Galinkin Yiyi Chen Jens Myrup Pedersen Leon Derczynski Johannes Bjerva SILM 47 0 0 09 Apr 2025
Separator Injection Attack: Uncovering Dialogue Biases in Large Language Models Caused by Role Separators Xitao Li Haoran Wang Jiang Wu Ting Liu AAML 26 0 0 08 Apr 2025
Sugar-Coated Poison: Benign Generation Unlocks LLM Jailbreaking Yu-Hang Wu Yu-Jie Xiong Jie-Zhang AAML 30 0 0 08 Apr 2025
A Domain-Based Taxonomy of Jailbreak Vulnerabilities in Large Language Models Carlos Peláez-González Andrés Herrera-Poyatos Cristina Zuheros David Herrera-Poyatos Virilo Tejedor F. Herrera AAML 24 0 0 07 Apr 2025
Revealing the Intrinsic Ethical Vulnerability of Aligned Large Language Models Jiawei Lian Jianhong Pan L. Wang Yi Wang Shaohui Mei Lap-Pui Chau AAML 31 0 0 07 Apr 2025
Evolving Security in LLMs: A Study of Jailbreak Attacks and Defenses Zhengchun Shang Wenlan Wei AAML 45 1 0 02 Apr 2025
STShield: Single-Token Sentinel for Real-Time Jailbreak Detection in Large Language Models Xunguang Wang Wenxuan Wang Zhenlan Ji Zongjie Li Pingchuan Ma Daoyuan Wu Shuai Wang 50 0 0 23 Mar 2025
AutoRedTeamer: Autonomous Red Teaming with Lifelong Attack Integration Andy Zhou Kevin E. Wu Francesco Pinto Z. Chen Yi Zeng Yu Yang Shuang Yang Sanmi Koyejo James Zou Bo Li LLMAG AAML 77 0 0 20 Mar 2025
AI Companies Should Report Pre- and Post-Mitigation Safety Evaluations Dillon Bowen Ann-Kathrin Dombrowski Adam Gleave Chris Cundy ELM 53 0 0 17 Mar 2025
Multi-Agent Systems Execute Arbitrary Malicious Code Harold Triedman Rishi Jha Vitaly Shmatikov LLMAG AAML 99 2 0 15 Mar 2025
Safe Vision-Language Models via Unsafe Weights Manipulation Moreno DÍncà E. Peruzzo Xingqian Xu Humphrey Shi N. Sebe Massimiliano Mancini MU 60 0 0 14 Mar 2025
Tempest: Autonomous Multi-Turn Jailbreaking of Large Language Models with Tree Search Andy Zhou Ron Arel MU 69 0 0 13 Mar 2025
Using Mechanistic Interpretability to Craft Adversarial Attacks against Large Language Models Thomas Winninger Boussad Addad Katarzyna Kapusta AAML 68 0 0 08 Mar 2025
MAD-MAX: Modular And Diverse Malicious Attack MiXtures for Automated LLM Red Teaming Stefan Schoepf Muhammad Zaid Hameed Ambrish Rawat Kieran Fraser Giulio Zizzo Giandomenico Cornacchia Mark Purcell 42 0 0 08 Mar 2025
Jailbreaking Safeguarded Text-to-Image Models via Large Language Models Zhengyuan Jiang Yuepeng Hu Yuqing Yang Yinzhi Cao Neil Zhenqiang Gong 72 0 0 03 Mar 2025
Adaptively profiling models with task elicitation Davis Brown Prithvi Balehannina Helen Jin Shreya Havaldar Hamed Hassani Eric Wong ALM ELM 108 0 0 03 Mar 2025
Steering Dialogue Dynamics for Robustness against Multi-turn Jailbreaking Attacks Hanjiang Hu Alexander Robey Changliu Liu AAML LLMSV 47 1 0 28 Feb 2025
Shh, don't say that! Domain Certification in LLMs Cornelius Emde Alasdair Paren Preetham Arvind Maxime Kayser Tom Rainforth Thomas Lukasiewicz Guohao Li Philip Torr Adel Bibi 53 1 0 26 Feb 2025
Attention Eclipse: Manipulating Attention to Bypass LLM Safety-Alignment Pedram Zaree Md Abdullah Al Mamun Quazi Mishkatul Alam Yue Dong Ihsen Alouani Nael B. Abu-Ghazaleh AAML 41 0 0 24 Feb 2025
REINFORCE Adversarial Attacks on Large Language Models: An Adaptive, Distributional, and Semantic Objective Simon Geisler Tom Wollschlager M. H. I. Abdalla Vincent Cohen-Addad Johannes Gasteiger Stephan Günnemann AAML 88 2 0 24 Feb 2025
Adversarial Prompt Evaluation: Systematic Benchmarking of Guardrails Against Prompt Input Attacks on LLMs Giulio Zizzo Giandomenico Cornacchia Kieran Fraser Muhammad Zaid Hameed Ambrish Rawat Beat Buesser Mark Purcell Pin-Yu Chen P. Sattigeri Kush R. Varshney AAML 43 2 0 24 Feb 2025
SafeRoute: Adaptive Model Selection for Efficient and Accurate Safety Guardrails in Large Language Models Seanie Lee Dong Bok Lee Dominik Wagner Minki Kang Haebin Seong Tobias Bocklet Juho Lee Sung Ju Hwang 12 1 0 18 Feb 2025
Computational Safety for Generative AI: A Signal Processing Perspective Pin-Yu Chen 76 1 0 18 Feb 2025
Jailbreaking to Jailbreak Jeremy Kritz Vaughn Robinson Robert Vacareanu Bijan Varjavand Michael Choi Bobby Gogov Scale Red Team Summer Yue Willow Primack Zifan Wang 231 2 0 09 Feb 2025
Confidence Elicitation: A New Attack Vector for Large Language Models Brian Formento Chuan-Sheng Foo See-Kiong Ng AAML 99 0 0 07 Feb 2025
KDA: A Knowledge-Distilled Attacker for Generating Diverse Prompts to Jailbreak LLMs Buyun Liang Kwan Ho Ryan Chan D. Thaker Jinqi Luo René Vidal AAML 46 0 0 05 Feb 2025
Peering Behind the Shield: Guardrail Identification in Large Language Models Ziqing Yang Yixin Wu Rui Wen Michael Backes Yang Zhang 63 1 0 03 Feb 2025
When LLM Meets DRL: Advancing Jailbreaking Efficiency via DRL-guided Search Xuan Chen Yuzhou Nie Wenbo Guo Xiangyu Zhang 112 10 0 28 Jan 2025
Refining Input Guardrails: Enhancing LLM-as-a-Judge Efficiency Through Chain-of-Thought Fine-Tuning and Alignment Melissa Kazemi Rad Huy Nghiem Andy Luo Sahil Wadhwa Mohammad Sorower Stephen Rawls AAML 93 2 0 22 Jan 2025
Keeping LLMs Aligned After Fine-tuning: The Crucial Role of Prompt Templates Kaifeng Lyu Haoyu Zhao Xinran Gu Dingli Yu Anirudh Goyal Sanjeev Arora ALM 82 45 0 20 Jan 2025
Can Safety Fine-Tuning Be More Principled? Lessons Learned from Cybersecurity David Williams-King Linh Le Adam Oberman Yoshua Bengio AAML 56 0 0 19 Jan 2025
Lessons From Red Teaming 100 Generative AI Products Blake Bullwinkel Amanda Minnich Shiven Chawla Gary Lopez Martin Pouliot ... Pete Bryan Ram Shankar Siva Kumar Yonatan Zunger Chang Kawaguchi Mark Russinovich AAML VLM 39 5 0 13 Jan 2025
MRJ-Agent: An Effective Jailbreak Agent for Multi-Round Dialogue Fengxiang Wang Ranjie Duan Peng Xiao Xiaojun Jia Shiji Zhao ... Hang Su Jialing Tao Hui Xue Jun Zhu Hui Xue LLMAG 64 7 0 08 Jan 2025
LLM-Virus: Evolutionary Jailbreak Attack on Large Language Models Miao Yu Junfeng Fang Yingjie Zhou Xing Fan Kun Wang Shirui Pan Qingsong Wen AAML 61 0 0 03 Jan 2025
Dynamics of Adversarial Attacks on Large Language Model-Based Search Engines Xiyang Hu AAML 31 1 0 01 Jan 2025
Improved Large Language Model Jailbreak Detection via Pretrained Embeddings Erick Galinkin Martin Sablotny 76 0 0 02 Dec 2024