Summary of Artprompt: Ascii Art-based Jailbreak Attacks Against Aligned Llms, by Fengqing Jiang et al.
ArtPrompt: ASCII Art-based Jailbreak Attacks against Aligned LLMs
by Fengqing Jiang, Zhangchen Xu, Luyao Niu, Zhen Xiang, Bhaskar Ramasubramanian, Bo Li, Radha Poovendran
First submitted to arxiv on: 19 Feb 2024
Categories
- Main: Computation and Language (cs.CL)
- Secondary: Artificial Intelligence (cs.AI)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary Assume you are a machine learning educator writing for a technical audience that is not specialized in the paper’s subfield. Here, we summarize an AI research paper that proposes a novel ASCII art-based jailbreak attack on large language models (LLMs). The authors show that five state-of-the-art LLMs struggle to recognize prompts provided in the form of ASCII art and develop the ArtPrompt attack, which leverages this weakness to bypass safety measures and elicit undesired behaviors from LLMs. The proposed attack only requires black-box access to the victim LLMs, making it a practical threat. To evaluate the effectiveness of ArtPrompt, the authors test it on five SOTA LLMs (GPT-3.5, GPT-4, Gemini, Claude, and Llama2) and demonstrate that it can induce undesired behaviors from all five models. This work highlights the importance of considering the limitations of semantic interpretation in safety alignment techniques for LLMs. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary Assume you are a science communicator writing for curious high school students or non-technical adults. Here’s what this paper is about: Researchers created a clever trick to make large language models do things they shouldn’t be doing! They used special art made from letters (ASCII art) that regular language models can’t understand, and then they showed that five top-performing language models struggled with these weird prompts. This meant the attackers could use this weakness to get the language models to behave in ways that were not safe or intended. The researchers tested their trick on five of the best language models and found it worked on all of them! This is important because it shows us that we need to be more careful when designing safety measures for these powerful language tools. |
Keywords
» Artificial intelligence » Alignment » Claude » Gemini » Gpt » Machine learning
