Summary of Read Over the Lines: Attacking Llms and Toxicity Detection Systems with Ascii Art to Mask Profanity, by Sergey Berezin et al.
Read Over the Lines: Attacking LLMs and Toxicity Detection Systems with ASCII Art to Mask Profanity
by Sergey Berezin, Reza Farahbakhsh, Noel Crespi
First submitted to arxiv on: 27 Sep 2024
Categories
- Main: Computation and Language (cs.CL)
- Secondary: Artificial Intelligence (cs.AI); Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary This novel family of adversarial attacks targets the limitation of language models in interpreting ASCII art. The authors propose the ToxASCII benchmark to evaluate these attacks and develop two custom ASCII art fonts: one utilizing special tokens and another using text-filled letter shapes. The attacks demonstrate a perfect 1.0 Attack Success Rate across ten models, including OpenAI’s o1-preview and LLaMA 3.1. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary These attacks are designed specifically to exploit the weakness of language models in understanding ASCII art. The authors create two new fonts to test these attacks, one using special tokens and another using text-filled letters. Despite being imperfect, language models can be fooled into misinterpreting ASCII art with a perfect success rate across ten models. |
Keywords
» Artificial intelligence » Llama
