Summary of COLD-Attack: Jailbreaking LLMs with Stealthiness and Controllability, by Xingang Guo et al.
COLD-Attack: Jailbreaking LLMs with Stealthiness and Controllability
by Xingang Guo, Fangxu Yu, Huan Zhang, Lianhui Qin, Bin Hu
First submitted to arXiv on: 13 Feb 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Artificial Intelligence (cs.AI); Computation and Language (cs.CL)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
Summary difficulty | Written by | Summary |
---|---|---|
High | Paper authors | Read the original abstract here |
Medium | GrooveSquid.com (original content) | This paper addresses the growing concern of “jailbreaks” on large language models (LLMs). By exploring controllable jailbreaking, researchers aim to develop methods that enforce control on LLM attacks. The study formalizes the problem and builds a connection between it and controllable text generation. The authors adapt an existing algorithm called Energy-based Constrained Decoding with Langevin Dynamics (COLD) to create the COLD-Attack framework, which automates the search for adversarial LLM attacks under various control requirements. This framework enables diverse new jailbreak scenarios, including revising user queries and inserting stealthy attacks in context. |
Low | GrooveSquid.com (original content) | Large language models have recently experienced “jailbreaks.” To make these models safer, researchers need to understand how to control these attacks. The paper studies controllable jailbreaking and develops a method called COLD-Attack. This framework helps find bad attacks that can be controlled. It also shows how to revise user queries or hide attacks in text. |
Keywords
* Artificial intelligence
* Text generation