Texonom
Texonom/
Engineering
Engineering/Data Engineering/Artificial Intelligence/AI Problem/AI Hacking/
AI Jailbreak
Search

AI Jailbreak

Creator
Creator
Seonglae ChoSeonglae Cho
Created
Created
2023 Mar 7 15:1
Editor
Editor
Seonglae ChoSeonglae Cho
Edited
Edited
2024 Nov 22 21:36
Refs
Refs
Prompt Engineering

Refusal Bypassing

Do Anything Now, DAN

AI Jailbreaks
Mechanistic AI Jailbreak
Universal Transferable Suffix
Visual Adversarial Attack
Persuasive Adversarial Prompt
ArtPrompt
DAN
Many shot jailbreaking
Automated AI Eliciting
Defense Jailbreaking
 
 
 

Refusal in LLMs is mediated by a single direction

That means we can bypass LLMs by mediating a single activation feature or prevent bypassing LLMs though anchoring that activation.
Refusal in LLMs is mediated by a single direction — LessWrong
This work was produced as part of Neel Nanda's stream in the ML Alignment & Theory Scholars Program - Winter 2023-24 Cohort, with co-supervision from…
Refusal in LLMs is mediated by a single direction — LessWrong
https://www.lesswrong.com/posts/jGuXSZgv6qfdhMCuJ/refusal-in-llms-is-mediated-by-a-single-direction
Refusal in LLMs is mediated by a single direction — LessWrong

MLP SVD toxic vector based steering

After applying
DPO, the weights of each layer in the model barely changed, and the vector that induces toxicity itself remained intact.
arxiv.org
https://arxiv.org/pdf/2401.01967
SFT rarely alters the underlying model capabilities which means practitioners can unintentionally remove a model’s safety wrapper by merely fine-tuning it on a superficially unrelated task
arxiv.org
https://arxiv.org/pdf/2401.01967
 
 

Recommendations

Texonom
Texonom/
Engineering
Engineering/Data Engineering/Artificial Intelligence/AI Problem/AI Hacking/
AI Jailbreak