Large language models are aligned to be safe, preventing users from generating harmful content like misinformation or instructions for illegal activities. However, previous work has shown that the alignment process is vulnerable to poisoning attacks. Adversaries can manipulate the safety training data to inject backdoors that act like a universal sudo command: adding the backdoor string to any prompt enables harmful responses from models that, otherwise, behave safely. Our competition, co-located at IEEE SaTML 2024, challenged participants to find universal backdoors in several large language models. This report summarizes the key findings and promising ideas for future research.
Competition Report: Finding Universal Jailbreak Backdoors in Aligned LLMs
Researchers identified vulnerabilities in safety alignment of large language models, highlighting the presence of universal backdoors in response to poisoning attacks on safety training data.
- Year
- 2024
- Venue
- arXiv 2024
- Authors
- 7
- Hosting
- Abstract onlyARXIV-DEFAULT
Cite
Notes
Only stored in your browser.
Attribution
- Abstract & full text
- arxiv.org/abs/2404.14461v2ARXIV-DEFAULT
- TL;DR
- Semantic Scholar