Jailbreaking Large Language Models
Visiting researcher Dr Basant Agarwal presented his research on bypassing security mechanisms baked into large language models called jailbreaking.
Large Language Models (LLMs) such as ChatGPT, Llama, and Qwen have demonstrated remarkable capabilities across a wide range of natural language processing tasks. To ensure safe deployment, these models are aligned using techniques such as Supervised Fine-Tuning (SFT) and Reinforcement Learning from Human Feedback (RLHF). However, recent studies have shown that carefully crafted adversarial prompts can bypass these safety mechanisms, a phenomenon known as jailbreaking. In his presentation, Basant proposed a new technique for jailbreaking LLMs, which uses an Evolutionary Algorithm (EA) to optimise a universal adversarial suffix to be attached to user queries such that when attached to a user’s input query, the suffix produces an output from the model whose safety alignment will be disturbed.

