2025
ACL
ACL 2025
The TIP of the Iceberg: Revealing a Hidden Class of Task-in-Prompt Adversarial Attacks on LLMs
Abstract
AbstractWe present a novel class of jailbreak adversarial attacks on LLMs, termed Task-in-Prompt (TIP) attacks. Our approach embeds sequence-to-sequence tasks (e.g., cipher decoding, riddles, code execution) into the model’s prompt to indirectly generate prohibited inputs. To systematically assess the effectiveness of these attacks, we introduce the PHRYGE benchmark. We demonstrate that our techniques successfully circumvent safeguards in six state-of-the-art language models, including GPT-4o and LLaMA 3.2. Our findings highlight critical weaknesses in current LLM safety alignment and underscore the urgent need for more sophisticated defence strategies.
🌉
Interdisciplinary Bridge
— Artificial Intelligence and Computer Science and Machine Learning and Natural Language Processing
🧭
Keyword Pioneer
— task-in-prompt attack
🐝
Cross-Pollinator
— Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Healthcare & Medicine, Interdisciplinary, Knowledge & Reasoning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Robotics, Security & Privacy, Speech & Audio
Authors
Topics
Machine Learning > Learning Types > Adversarial Learning
Natural Language Processing > Resources & Methods > Large Language Models
Computer Science > Applications > Cybersecurity
Artificial Intelligence > Core AI > Large Language Models
Artificial Intelligence > Core AI > Adversarial Learning
Artificial Intelligence > Core AI > Safety