CodeChameleon: Personalized Encryption Framework for Jailbreaking Large Language Models

arXiv:2402.16717v1 Announce Type: cross
Abstract: Adversarial misuse, particularly through `jailbreaking' that circumvents a model's safety and ethical protocols, poses a significant challenge for Large Language Models (LLMs). This paper delves into the mechanisms behind such successful attacks, introducing a hypothesis for the safety mechanism of aligned LLMs: intent security recognition followed by response generation. Grounded in this hypothesis, we propose CodeChameleon, a novel jailbreak framework based on personalized encryption tactics. To elude the intent security recognition phase, we reformulate tasks …

adversarial arxiv attacks challenge cs.ai cs.cl cs.cr encryption ethical framework intent jailbreaking language language models large llms mechanism protocols recognition safety security