Challenge: Rapid progress in open-source Large Language Models (LLMs) is driving AI development, but lacks sufficient trustworthiness to detect and mitigate adversarial demonstrations.
Approach: They propose an extended Chain of Utterances-based (CoU) prompting strategy to attack open-source LLMs.
Outcome: The proposed attack strategy is based on malicious demonstrations and toxicity tests on open-source models.

Similar Papers

Don’t Go To Extremes: Revealing the Excessive Sensitivity and Calibration Limitations of LLMs in Implicit Hate Speech Detection (2024.acl-long)

Copied to clipboard

Challenge: Several studies have examined whether large language models exhibit bias or discrimination against individuals or groups in terms of protected attributes like race, gender, or religion.
Approach: They evaluate LLMs' ability to detect implicit hate speech and express confidence in their responses by considering prompt patterns and mainstream uncertainty estimation methods.
Outcome: The proposed models exhibit two extremes: (1) excessive sensitivity towards groups or topics that may cause fairness issues, resulting in misclassifying benign statements as hate speech; (2) confidence scores for each method excessively concentrate on a fixed range, remaining unchanged regardless of the dataset’s complexity.
Vulnerabilities of Large Language Models to Adversarial Attacks (2024.acl-tutorials)

Copied to clipboard

Challenge: This tutorial focuses on the vulnerabilities of Large Language Models to adversarial attacks . the tutorial lays the foundation by explaining safety-aligned models and concepts in cybersecurity .
Approach: This tutorial lays the foundation by explaining safety-aligned LLMs and concepts in cybersecurity.
Outcome: The tutorial lays the foundation by explaining safety-aligned models and concepts in cybersecurity.
FLEX: A Benchmark for Evaluating Robustness of Fairness in Large Language Models (2025.findings-naacl)

Copied to clipboard

Challenge: Existing safety evaluations may overlook the inherent weaknesses of Large Language Models, despite their benefits.
Approach: They propose a benchmark to evaluate the robustness of Large Language Models under extreme conditions.
Outcome: The proposed approach evaluates the fairness of large language models under extreme conditions.
Bias in the Mirror : Are LLMs opinions robust to their own adversarial attacks (2025.acl-long)

Copied to clipboard

Challenge: Existing work on large language models lacks robustness, highlighting the limitations of such models.
Approach: They propose a novel approach where two LLMs engage in self-debate to persuade a neutral version of the model.
Outcome: The proposed approach examines whether large language models are robust during interactions and whether they are susceptible to reinforcing misinformation or shifting to harmful viewpoints.
SHIELD: Evaluation and Defense Strategies for Copyright Compliance in LLM Text Generation (2024.emnlp-main)

Copied to clipboard

Challenge: Large Language Models (LLMs) have transformed machine learning but have raised significant legal concerns due to their potential to produce text that infringes on copyrights.
Approach: They propose a lightweight, real-time defense mechanism to prevent the generation of copyrighted text by evaluating methods and testing attack strategies.
Outcome: The proposed defense significantly reduces the volume of copyrighted text generated by LLMs by effectively refusing malicious requests.
Intrinsic Model Weaknesses: How Priming Attacks Unveil Vulnerabilities in Large Language Models (2025.findings-naacl)

Copied to clipboard

Challenge: Large language models (LLMs) have significant impact on various industries and societal functions due to advanced instruction-following capabilities.
Approach: They developed and tested novel attack strategies on popular LLMs to expose their vulnerabilities in generating harmful content.
Outcome: The proposed attacks achieved an ASR of 100% on open-source models, including Meta’s Llama-3.2, Google’s Gemma-2, Mistral’s Mistral-NeMo, Falcon’s Falcon-mamba, Apple’s DCLM, Microsoft’s Phi3, and Qwen’s Qwend2.5, among others.
Close or Cloze? Assessing the Robustness of Large Language Models to Adversarial Perturbations via Word Recovery (2025.coling-main)

Copied to clipboard

Challenge: Existing models implicitly recover the original text, but it is unclear when they rely on context and when they implicitly do so.
Approach: They propose to use a dictionary to recover adversarial words by using a phonetic, typo, and visual attack to study word recovery performance.
Outcome: The proposed model outperforms open-source models on hateful, offensive, and toxic classification tasks.
Combating Security and Privacy Issues in the Era of Large Language Models (2024.naacl-tutorials)

Copied to clipboard

Challenge: a tutorial aims to provide a summary of risks and vulnerabilities in large language models . a number of studies have focused on security, privacy and copyright aspects of LLMs .
Approach: This tutorial seeks to provide a systematic summary of risks and vulnerabilities in large language models . authors will discuss security, privacy and copyright aspects of LLMs .
Outcome: This tutorial aims to provide a systematic summary of risks and vulnerabilities in large language models . it will also outline emerging challenges in security, privacy and reliability of LLMs .
LLMs Caught in the Crossfire: Malware Requests and Jailbreak Challenges (2025.acl-long)

Copied to clipboard

Challenge: Large Language Models (LLMs) have a high vulnerability to jailbreak attacks that leverage crafted prompts to generate malicious outputs.
Approach: They propose to use large language models to test their security against jailbreak attacks that leverage crafted prompts to generate malicious outputs.
Outcome: The proposed model is based on 320 manually crafted malicious code generation requirements, covering 11 jailbreak methods and 29 code functionality categories.
RoCoIns: Enhancing Robustness of Large Language Models through Code-Style Instructions (2024.lrec-main)

Copied to clipboard

Challenge: Large Language Models (LLMs) have shown remarkable capabilities in following human instructions and solving NLU tasks.
Approach: They propose to use code style instructions to replace typically natural language instructions to provide more precise instructions and strengthen the robustness of LLMs.
Outcome: The proposed method outperforms natural language models on eight robustness datasets and achieves an improvement of 5.68% in test set accuracy and a reduction of 5.66 points in Attack Success Rate (ASR).

What is GenGO?

GenGO is an NLP powered publication search system. It currenctly indexes 30k+ papers from ACL Anthology, and implements multi-aspect summarization, semantic search, and more!

Information

About
Limitations