Subtoxic Questions: Dive Into Attitude Change of LLM's Response in Jailbreak Attempts
This work addresses security concerns for LLM developers and users, but it appears incremental as it builds on existing jailbreaking research.
The paper tackles the problem of evaluating jailbreak attacks on LLMs by proposing a method that uses sensitive target questions to identify vulnerabilities, contributing to improved LLM security.
As Large Language Models (LLMs) of Prompt Jailbreaking are getting more and more attention, it is of great significance to raise a generalized research paradigm to evaluate attack strengths and a basic model to conduct subtler experiments. In this paper, we propose a novel approach by focusing on a set of target questions that are inherently more sensitive to jailbreak prompts, aiming to circumvent the limitations posed by enhanced LLM security. Through designing and analyzing these sensitive questions, this paper reveals a more effective method of identifying vulnerabilities in LLMs, thereby contributing to the advancement of LLM security. This research not only challenges existing jailbreaking methodologies but also fortifies LLMs against potential exploits.