Exploring Straightforward Conversational Red-Teaming
This addresses security vulnerabilities in conversational AI systems for businesses, but it is incremental as it builds on existing red-teaming concepts.
The paper tackled the problem of security and ethical risks in large language models (LLMs) used in business dialogue systems by exploring straightforward red-teaming approaches, finding that off-the-shelf LLMs can act as effective red teamers to elicit undesired outputs, with effectiveness decreasing as alignment increases.
Large language models (LLMs) are increasingly used in business dialogue systems but they pose security and ethical risks. Multi-turn conversations, where context influences the model's behavior, can be exploited to produce undesired responses. In this paper, we examine the effectiveness of utilizing off-the-shelf LLMs in straightforward red-teaming approaches, where an attacker LLM aims to elicit undesired output from a target LLM, comparing both single-turn and conversational red-teaming tactics. Our experiments offer insights into various usage strategies that significantly affect their performance as red teamers. They suggest that off-the-shelf models can act as effective red teamers and even adjust their attack strategy based on past attempts, although their effectiveness decreases with greater alignment.