ai-digest.dev
last updated 3 h ago
SafetyarXiv cs.CL 21 d ago

Can LLMs Reliably Self-Report Adversarial Prefills, and How?

This study investigates the ability of large language models (LLMs) to recognize adversarial prefill attacks across ten instruction-tuned models ranging from 3B to 70B parameters. Findings indicate that no model consistently identifies its own compromised outputs, with an average self-report rate of only 27.3%. Various finetuning methods (SFT, GRPO, DPO) were tested, which increased the intention-probe gap but also inadvertently raised the success rate of adversarial attacks, underscoring the complexities and risks associated with LLM introspection in safety-critical applications.

llmadversarialself-reportrelevance 0.00 · engagement 0.00
Read at source ↗← all news