{"id":13539,"date":"2024-07-22T10:04:27","date_gmt":"2024-07-22T10:04:27","guid":{"rendered":"https:\/\/dailyai.com\/?p=13539"},"modified":"2024-07-22T10:04:27","modified_gmt":"2024-07-22T10:04:27","slug":"llm-refusal-training-easily-bypassed-with-past-tense-prompts","status":"publish","type":"post","link":"https:\/\/dailyai.com\/fr\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/","title":{"rendered":"La formation au refus du LLM est facilement contourn\u00e9e par des messages au pass\u00e9"},"content":{"rendered":"<p><strong>Des chercheurs de l'\u00c9cole polytechnique f\u00e9d\u00e9rale de Lausanne (EPFL) ont d\u00e9couvert que l'\u00e9criture de questions dangereuses au pass\u00e9 passait outre la formation au refus des \u00e9tudiants les plus avanc\u00e9s en master de droit.<\/strong><\/p>\n<p>Les mod\u00e8les d'IA sont g\u00e9n\u00e9ralement align\u00e9s \u00e0 l'aide de techniques telles que le r\u00e9glage fin supervis\u00e9 (SFT) ou l'apprentissage par renforcement du retour d'information humain (RLHF) pour s'assurer que le mod\u00e8le ne r\u00e9pond pas \u00e0 des invites dangereuses ou ind\u00e9sirables.<\/p>\n<p>Cette formation au refus intervient lorsque vous demandez \u00e0 ChatGPT des conseils sur la fabrication d'une bombe ou de drogues. Nous avons couvert une s\u00e9rie de <a href=\"https:\/\/dailyai.com\/fr\/2024\/06\/microsoft-reveal-skeleton-key-jailbreak-which-works-across-different-ai-models\/\">techniques int\u00e9ressantes de jailbreak<\/a> La m\u00e9thode test\u00e9e par les chercheurs de l'EPFL est de loin la plus simple.<\/p>\n<p>Les chercheurs ont pris un ensemble de donn\u00e9es de 100 comportements nuisibles et ont utilis\u00e9 GPT-3.5 pour r\u00e9\u00e9crire les questions au pass\u00e9.<\/p>\n<p>Voici un exemple de la m\u00e9thode expliqu\u00e9e dans le document <a href=\"https:\/\/arxiv.org\/pdf\/2407.11969\" target=\"_blank\" rel=\"noopener\">leur document<\/a>.<\/p>\n<figure id=\"attachment_13541\" aria-describedby=\"caption-attachment-13541\" style=\"width: 1180px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-13541 size-full\" src=\"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Rewrite-prompt-in-past-tense.png\" alt=\"\" width=\"1180\" height=\"574\" srcset=\"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Rewrite-prompt-in-past-tense.png 1180w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Rewrite-prompt-in-past-tense-300x146.png 300w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Rewrite-prompt-in-past-tense-1024x498.png 1024w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Rewrite-prompt-in-past-tense-768x374.png 768w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Rewrite-prompt-in-past-tense-18x9.png 18w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Rewrite-prompt-in-past-tense-60x29.png 60w\" sizes=\"auto, (max-width: 1180px) 100vw, 1180px\" \/><figcaption id=\"caption-attachment-13541\" class=\"wp-caption-text\">Utilisation d'un LLM pour r\u00e9\u00e9crire des messages dangereux au pass\u00e9. Source : arXiv<\/figcaption><\/figure>\n<p>Ils ont ensuite \u00e9valu\u00e9 les r\u00e9ponses \u00e0 ces invites r\u00e9\u00e9crites de ces 8 LLM : Llama-3 8B, Claude-3.5 Sonnet, GPT-3.5 Turbo, Gemma-2 9B, Phi-3-Mini, <a href=\"https:\/\/dailyai.com\/fr\/2024\/07\/openai-releases-gpt-4o-mini-a-high-performance-super-low-cost-model\/\">GPT-4o-mini<\/a>GPT-4o et R2D2.<\/p>\n<p>Ils ont utilis\u00e9 plusieurs LLM pour \u00e9valuer les r\u00e9sultats et les classer comme des tentatives de jailbreak r\u00e9ussies ou non.<\/p>\n<p>Le simple fait de changer le temps de l'invite a eu un effet surprenant sur le taux de r\u00e9ussite de l'attaque (ASR). Le GPT-4o et le GPT-4o mini \u00e9taient particuli\u00e8rement sensibles \u00e0 cette technique.<\/p>\n<p>Le TSA de cette \"simple attaque sur GPT-4o passe de 1% en utilisant des requ\u00eates directes \u00e0 88% en utilisant 20 tentatives de reformulation au pass\u00e9 sur des requ\u00eates nuisibles\".<\/p>\n<p>Voici un exemple de la conformit\u00e9 de GPT-4o lorsque vous r\u00e9\u00e9crivez simplement l'invite au pass\u00e9. J'ai utilis\u00e9 ChatGPT pour cela et la vuln\u00e9rabilit\u00e9 n'a pas encore \u00e9t\u00e9 corrig\u00e9e.<\/p>\n<figure id=\"attachment_13542\" aria-describedby=\"caption-attachment-13542\" style=\"width: 1254px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-13542 size-full\" src=\"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Present-and-past-tense-prompt-responses.png\" alt=\"\" width=\"1254\" height=\"1058\" srcset=\"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Present-and-past-tense-prompt-responses.png 1254w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Present-and-past-tense-prompt-responses-300x253.png 300w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Present-and-past-tense-prompt-responses-1024x864.png 1024w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Present-and-past-tense-prompt-responses-768x648.png 768w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Present-and-past-tense-prompt-responses-14x12.png 14w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Present-and-past-tense-prompt-responses-60x51.png 60w\" sizes=\"auto, (max-width: 1254px) 100vw, 1254px\" \/><figcaption id=\"caption-attachment-13542\" class=\"wp-caption-text\">ChatGPT utilisant GPT-4o refuse une invite au pr\u00e9sent mais y r\u00e9pond lorsqu'elle est r\u00e9\u00e9crite au pass\u00e9. Source : ChatGPT ChatGPT<\/figcaption><\/figure>\n<p>L'entra\u00eenement au refus \u00e0 l'aide de RLHF et de SFT permet d'entra\u00eener un mod\u00e8le \u00e0 g\u00e9n\u00e9raliser avec succ\u00e8s le rejet d'invites nuisibles, m\u00eame s'il n'a jamais vu l'invite en question auparavant.<\/p>\n<p>Lorsque l'invite est r\u00e9dig\u00e9e au pass\u00e9, les MFR semblent perdre leur capacit\u00e9 \u00e0 g\u00e9n\u00e9raliser. Les autres LLM ne s'en sortent pas mieux que le GPT-4o, bien que le lama-3 8B semble le plus r\u00e9sistant.<\/p>\n<figure id=\"attachment_13543\" aria-describedby=\"caption-attachment-13543\" style=\"width: 1268px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-13543 size-full\" src=\"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/ASR-using-past-tense-prompts.png\" alt=\"\" width=\"1268\" height=\"492\" srcset=\"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/ASR-using-past-tense-prompts.png 1268w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/ASR-using-past-tense-prompts-300x116.png 300w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/ASR-using-past-tense-prompts-1024x397.png 1024w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/ASR-using-past-tense-prompts-768x298.png 768w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/ASR-using-past-tense-prompts-18x7.png 18w, https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/ASR-using-past-tense-prompts-60x23.png 60w\" sizes=\"auto, (max-width: 1268px) 100vw, 1268px\" \/><figcaption id=\"caption-attachment-13543\" class=\"wp-caption-text\">Taux de r\u00e9ussite des attaques \u00e0 l'aide d'invites dangereuses au pr\u00e9sent et au pass\u00e9. Source : arXiv<\/figcaption><\/figure>\n<p>La r\u00e9\u00e9criture de l'invite au futur a entra\u00een\u00e9 une augmentation de la RAS, mais s'est av\u00e9r\u00e9e moins efficace que l'invitation au pass\u00e9.<\/p>\n<p>Les chercheurs ont conclu que cela pouvait \u00eatre d\u00fb au fait que \"les ensembles de donn\u00e9es de r\u00e9glage fin peuvent contenir une plus grande proportion de requ\u00eates nuisibles exprim\u00e9es au futur ou sous forme d'\u00e9v\u00e9nements hypoth\u00e9tiques\".<\/p>\n<p>Ils ont \u00e9galement sugg\u00e9r\u00e9 que \"le raisonnement interne du mod\u00e8le pourrait interpr\u00e9ter les demandes orient\u00e9es vers l'avenir comme potentiellement plus nuisibles, alors que les d\u00e9clarations au pass\u00e9, telles que les \u00e9v\u00e9nements historiques, pourraient \u00eatre per\u00e7ues comme plus b\u00e9nignes\".<\/p>\n<h2>Peut-on y rem\u00e9dier ?<\/h2>\n<p>D'autres exp\u00e9riences ont d\u00e9montr\u00e9 que l'ajout d'invites au pass\u00e9 dans les ensembles de donn\u00e9es de r\u00e9glage fin r\u00e9duisait efficacement la sensibilit\u00e9 \u00e0 cette technique de jailbreak.<\/p>\n<p>Bien qu'efficace, cette approche n\u00e9cessite d'anticiper les types d'invites dangereuses qu'un utilisateur peut saisir.<\/p>\n<p>Les chercheurs sugg\u00e8rent que l'\u00e9valuation des r\u00e9sultats d'un mod\u00e8le avant qu'il ne soit pr\u00e9sent\u00e9 \u00e0 l'utilisateur est une solution plus simple.<\/p>\n<p>Aussi simple que soit ce jailbreak, il ne semble pas que les principales soci\u00e9t\u00e9s d'intelligence artificielle aient encore trouv\u00e9 un moyen de le corriger.<\/p>","protected":false},"excerpt":{"rendered":"<p>Des chercheurs de l'\u00c9cole polytechnique f\u00e9d\u00e9rale de Lausanne (EPFL) ont d\u00e9couvert que l'\u00e9criture d'invites dangereuses au pass\u00e9 contournait l'entra\u00eenement au refus des LLM les plus avanc\u00e9s. Les mod\u00e8les d'IA sont g\u00e9n\u00e9ralement align\u00e9s \u00e0 l'aide de techniques telles que le r\u00e9glage fin supervis\u00e9 (SFT) ou l'apprentissage par renforcement du feedback humain (RLHF) afin de s'assurer que le mod\u00e8le ne r\u00e9pond pas \u00e0 des messages dangereux ou ind\u00e9sirables. Cette formation au refus intervient lorsque vous demandez \u00e0 ChatGPT des conseils sur la fabrication d'une bombe ou de drogues. Nous avons abord\u00e9 une s\u00e9rie de techniques int\u00e9ressantes de jailbreak qui contournent ces garde-fous, mais la m\u00e9thode test\u00e9e par les chercheurs de l'EPFL est de loin la plus simple.<\/p>","protected":false},"author":6,"featured_media":13544,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[84],"tags":[163,118],"class_list":["post-13539","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-industry","tag-ai-risks","tag-llms"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>LLM refusal training easily bypassed with past tense prompts | DailyAI<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dailyai.com\/fr\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"LLM refusal training easily bypassed with past tense prompts | DailyAI\" \/>\n<meta property=\"og:description\" content=\"Researchers from the Swiss Federal Institute of Technology Lausanne (EPFL) found that writing dangerous prompts in the past tense bypassed the refusal training of the most advanced LLMs. AI models are commonly aligned using techniques like supervised fine-tuning (SFT) or reinforcement learning human feedback (RLHF) to make sure the model doesn\u2019t respond to dangerous or undesirable prompts. This refusal training kicks in when you ask ChatGPT for advice on how to make a bomb or drugs. We\u2019ve covered a range of interesting jailbreak techniques that bypass these guardrails but the method the EPFL researchers tested is by far the simplest.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dailyai.com\/fr\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/\" \/>\n<meta property=\"og:site_name\" content=\"DailyAI\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-22T10:04:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Jailbreak-AI-model-with-past-tense.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1792\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Eugene van der Watt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@DailyAIOfficial\" \/>\n<meta name=\"twitter:site\" content=\"@DailyAIOfficial\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Eugene van der Watt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/\"},\"author\":{\"name\":\"Eugene van der Watt\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#\\\/schema\\\/person\\\/7ce525c6d0c79838b7cc7cde96993cfa\"},\"headline\":\"LLM refusal training easily bypassed with past tense prompts\",\"datePublished\":\"2024-07-22T10:04:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/\"},\"wordCount\":569,\"publisher\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/Jailbreak-AI-model-with-past-tense.webp\",\"keywords\":[\"AI risks\",\"LLMS\"],\"articleSection\":[\"Industry\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/\",\"url\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/\",\"name\":\"LLM refusal training easily bypassed with past tense prompts | DailyAI\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/Jailbreak-AI-model-with-past-tense.webp\",\"datePublished\":\"2024-07-22T10:04:27+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/#primaryimage\",\"url\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/Jailbreak-AI-model-with-past-tense.webp\",\"contentUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/Jailbreak-AI-model-with-past-tense.webp\",\"width\":1792,\"height\":1024},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/2024\\\/07\\\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/dailyai.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"LLM refusal training easily bypassed with past tense prompts\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#website\",\"url\":\"https:\\\/\\\/dailyai.com\\\/\",\"name\":\"DailyAI\",\"description\":\"Your Daily Dose of AI News\",\"publisher\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/dailyai.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#organization\",\"name\":\"DailyAI\",\"url\":\"https:\\\/\\\/dailyai.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/Daily-Ai_TL_colour.png\",\"contentUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/Daily-Ai_TL_colour.png\",\"width\":4501,\"height\":934,\"caption\":\"DailyAI\"},\"image\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/DailyAIOfficial\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/dailyaiofficial\\\/\",\"https:\\\/\\\/www.youtube.com\\\/@DailyAIOfficial\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#\\\/schema\\\/person\\\/7ce525c6d0c79838b7cc7cde96993cfa\",\"name\":\"Eugene van der Watt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Eugine_Profile_Picture-96x96.png\",\"url\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Eugine_Profile_Picture-96x96.png\",\"contentUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Eugine_Profile_Picture-96x96.png\",\"caption\":\"Eugene van der Watt\"},\"description\":\"Eugene comes from an electronic engineering background and loves all things tech. When he takes a break from consuming AI news you'll find him at the snooker table.\",\"sameAs\":[\"www.linkedin.com\\\/in\\\/eugene-van-der-watt-16828119\"],\"url\":\"https:\\\/\\\/dailyai.com\\\/fr\\\/author\\\/eugene\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"La formation au refus du LLM est facilement contourn\u00e9e par des messages au pass\u00e9 | DailyAI","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dailyai.com\/fr\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/","og_locale":"fr_FR","og_type":"article","og_title":"LLM refusal training easily bypassed with past tense prompts | DailyAI","og_description":"Researchers from the Swiss Federal Institute of Technology Lausanne (EPFL) found that writing dangerous prompts in the past tense bypassed the refusal training of the most advanced LLMs. AI models are commonly aligned using techniques like supervised fine-tuning (SFT) or reinforcement learning human feedback (RLHF) to make sure the model doesn\u2019t respond to dangerous or undesirable prompts. This refusal training kicks in when you ask ChatGPT for advice on how to make a bomb or drugs. We\u2019ve covered a range of interesting jailbreak techniques that bypass these guardrails but the method the EPFL researchers tested is by far the simplest.","og_url":"https:\/\/dailyai.com\/fr\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/","og_site_name":"DailyAI","article_published_time":"2024-07-22T10:04:27+00:00","og_image":[{"width":1792,"height":1024,"url":"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Jailbreak-AI-model-with-past-tense.webp","type":"image\/webp"}],"author":"Eugene van der Watt","twitter_card":"summary_large_image","twitter_creator":"@DailyAIOfficial","twitter_site":"@DailyAIOfficial","twitter_misc":{"\u00c9crit par":"Eugene van der Watt","Dur\u00e9e de lecture estim\u00e9e":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/#article","isPartOf":{"@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/"},"author":{"name":"Eugene van der Watt","@id":"https:\/\/dailyai.com\/#\/schema\/person\/7ce525c6d0c79838b7cc7cde96993cfa"},"headline":"LLM refusal training easily bypassed with past tense prompts","datePublished":"2024-07-22T10:04:27+00:00","mainEntityOfPage":{"@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/"},"wordCount":569,"publisher":{"@id":"https:\/\/dailyai.com\/#organization"},"image":{"@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/#primaryimage"},"thumbnailUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Jailbreak-AI-model-with-past-tense.webp","keywords":["AI risks","LLMS"],"articleSection":["Industry"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/","url":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/","name":"La formation au refus du LLM est facilement contourn\u00e9e par des messages au pass\u00e9 | DailyAI","isPartOf":{"@id":"https:\/\/dailyai.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/#primaryimage"},"image":{"@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/#primaryimage"},"thumbnailUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Jailbreak-AI-model-with-past-tense.webp","datePublished":"2024-07-22T10:04:27+00:00","breadcrumb":{"@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/#primaryimage","url":"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Jailbreak-AI-model-with-past-tense.webp","contentUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2024\/07\/Jailbreak-AI-model-with-past-tense.webp","width":1792,"height":1024},{"@type":"BreadcrumbList","@id":"https:\/\/dailyai.com\/2024\/07\/llm-refusal-training-easily-bypassed-with-past-tense-prompts\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dailyai.com\/"},{"@type":"ListItem","position":2,"name":"LLM refusal training easily bypassed with past tense prompts"}]},{"@type":"WebSite","@id":"https:\/\/dailyai.com\/#website","url":"https:\/\/dailyai.com\/","name":"DailyAI","description":"Votre dose quotidienne de nouvelles sur l'IA","publisher":{"@id":"https:\/\/dailyai.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dailyai.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/dailyai.com\/#organization","name":"DailyAI","url":"https:\/\/dailyai.com\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/dailyai.com\/#\/schema\/logo\/image\/","url":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/06\/Daily-Ai_TL_colour.png","contentUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/06\/Daily-Ai_TL_colour.png","width":4501,"height":934,"caption":"DailyAI"},"image":{"@id":"https:\/\/dailyai.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/DailyAIOfficial","https:\/\/www.linkedin.com\/company\/dailyaiofficial\/","https:\/\/www.youtube.com\/@DailyAIOfficial"]},{"@type":"Person","@id":"https:\/\/dailyai.com\/#\/schema\/person\/7ce525c6d0c79838b7cc7cde96993cfa","name":"Eug\u00e8ne van der Watt","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/07\/Eugine_Profile_Picture-96x96.png","url":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/07\/Eugine_Profile_Picture-96x96.png","contentUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/07\/Eugine_Profile_Picture-96x96.png","caption":"Eugene van der Watt"},"description":"Eugene a une formation d'ing\u00e9nieur en \u00e9lectronique et adore tout ce qui touche \u00e0 la technologie. Lorsqu'il fait une pause dans sa consommation d'informations sur l'IA, vous le trouverez \u00e0 la table de snooker.","sameAs":["www.linkedin.com\/in\/eugene-van-der-watt-16828119"],"url":"https:\/\/dailyai.com\/fr\/author\/eugene\/"}]}},"_links":{"self":[{"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/posts\/13539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/comments?post=13539"}],"version-history":[{"count":3,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/posts\/13539\/revisions"}],"predecessor-version":[{"id":13546,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/posts\/13539\/revisions\/13546"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/media\/13544"}],"wp:attachment":[{"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/media?parent=13539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/categories?post=13539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/tags?post=13539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}