CR | CL | HC | Apr 12, 2024

JailbreakLens: Visual Analysis of Jailbreak Attacks Against Large Language Models

arXiv:2404.08793v2 | 10 citations | h-index: 17 | IEEE Trans Vis Comput Graph

Originality: Incremental advance
AI Analysis

This work addresses security vulnerabilities in LLMs for researchers and practitioners, but it is incremental as it builds on existing analysis methods with a new tool.

The authors tackled the problem of analyzing jailbreak attacks against large language models (LLMs) by developing JailbreakLens, a visual analysis system that automates assessment and supports exploration of prompt characteristics, demonstrating effectiveness in helping users evaluate model security and identify weaknesses.

The proliferation of large language models (LLMs) has underscored concerns regarding their security vulnerabilities, notably against jailbreak attacks, where adversaries design jailbreak prompts to circumvent safety mechanisms for potential misuse. Addressing these concerns necessitates a comprehensive analysis of jailbreak prompts to evaluate LLMs' defensive capabilities and identify potential weaknesses. However, the complexity of evaluating jailbreak performance and understanding prompt characteristics makes this analysis laborious. We collaborate with domain experts to characterize problems and propose an LLM-assisted framework to streamline the analysis process. It provides automatic jailbreak assessment to facilitate performance evaluation and support analysis of components and keywords in prompts. Based on the framework, we design JailbreakLens, a visual analysis system that enables users to explore the jailbreak performance against the target model, conduct multi-level analysis of prompt characteristics, and refine prompt instances to verify findings. Through a case study, technical evaluations, and expert interviews, we demonstrate our system's effectiveness in helping users evaluate model security and identify model weaknesses.
