Red Teaming the Mind of the Machine: A Systematic Evaluation of Prompt Injection and Jailbreak Vulnerabilities in LLMs
Chetan Pathade
TL;DR
This paper systematically evaluates prompt injection and jailbreak vulnerabilities in leading LLMs, analyzing over 1,400 adversarial prompts, and proposes layered mitigation strategies for improved security.
Contribution
It categorizes and analyzes a large set of adversarial prompts against multiple LLMs, and introduces mitigation strategies and a hybrid approach for enhanced robustness.
Findings
Prompt injection success varies across models.
Layered mitigation strategies improve security.
Hybrid red-teaming and sandboxing are recommended.
Abstract
Large Language Models (LLMs) are increasingly integrated into consumer and enterprise applications. Despite their capabilities, they remain susceptible to adversarial attacks such as prompt injection and jailbreaks that override alignment safeguards. This paper provides a systematic investigation of jailbreak strategies against various state-of-the-art LLMs. We categorize over 1,400 adversarial prompts, analyze their success against GPT-4, Claude 2, Mistral 7B, and Vicuna, and examine their generalizability and construction logic. We further propose layered mitigation strategies and recommend a hybrid red-teaming and sandboxing approach for robust LLM security.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Ethics and Social Impacts of AI · Advanced Malware Detection Techniques
MethodsLinear Layer · Multi-Head Attention · Dense Connections · Attention Is All You Need · Dropout · Layer Normalization · Position-Wise Feed-Forward Layer · Byte Pair Encoding · Softmax · Absolute Position Encodings