Sunday, April 14, 2024

BEAST AI Jailbreak Language Models Within 1 Minute With High Accuracy

Malicious hackers sometimes jailbreak language models (LMs) to exploit bugs in the systems so that they can perform a multitude of illicit activities. 

However, this is also driven by the need to gather classified information, introduce malicious materials, and tamper with the model’s authenticity.

Cybersecurity researchers from the University of Maryland, College Park, USA, discovered that BEAST AI managed to jailbreak the language models within 1 minute with high accuracy:-

  • Vinu Sankar Sadasivan
  • Shoumik Saha
  • Gaurang Sriramanan
  • Priyatham Kattakinda
  • Atoosa Chegini
  • Soheil Feizi

Language Models (LMs) recently gained massive popularity for tasks like Q&A and code generation. Techniques aim to align them with human values for safety. But they can be manipulated.

The recent findings reveal flaws in aligned LMs allowing for harmful content generation, termed “jailbreaking.”

BEAST AI Jailbreak

Manual prompts jailbreak LMs (Perez & Ribeiro, 2022). Zou et al. (2023) use gradient-based attacks, yielding gibberish. Zhu et al. (2023) opt for a readable, gradient-based, greedy attack with high success. 

Liu et al. (2023b) and Chao et al. (2023) propose gradient-free attacks requiring GPT-4 access. Jailbreaks induce unsafe LM behavior but also aid privacy attacks (Liu et al., 2023c). Zhu et al. (2023) automate privacy attacks. 

BEAST is a fast, gradient-free, Beam Search-based Adversarial Attack that demonstrates the LM vulnerabilities in one GPU minute. 

Beam Search-based Adversarial Attack (BEAST) (Source – Arxiv)

It allows tunable parameters for speed, success, and readability tradeoffs. BEAST excels in jailbreaking (89% success on Vicuna-7Bv1.5 in a minute). 

Human studies show 15% more incorrect outputs and 22% irrelevant content, making LM chatbots less useful through efficient hallucination attacks.

Compared to other models, BEAST is primarily designed for quick adversarial attacks. BEAST excels in constrained settings for jailbreaking aligned LMs.

However, researchers found that it struggles with finely tuned LLaMA-2-7B-Chat, which is a limitation.

Cybersecurity analysts used Amazon Mechanical Turk for manual surveys on LM jailbreaking and hallucination. Workers assess prompts with BEAST-generated suffixes. 

Responses from Vicuna-7B-v1.5 are shown to 5 workers per prompt. For hallucination, the workers evaluate LM responses using clean and adversarial prompts.

⁤This report contributes to the development of machine learning by identifying the security flaws in LMs and also reveals present problems inherent in LMs. ⁤

⁤However, researchers have found new doors that expose dangerous things, leading to future research on more reliable and secure language models.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


Latest articles

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio...

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics...

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user...

Cyber Attack Surge by 28%:Education Sector at High Risk

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average...

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a...
Tushar Subhra Dutta
Tushar Subhra Dutta
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles