Harder to Defend: Towards Chinese Toxicity Attacks via Implicit Enhancement and Obfuscation Rewriting
Researchers have developed a new framework called CITA to generate more sophisticated Chinese toxicity attacks for large language models. This framework enhances implicit toxicity and obfuscates wording to make detection more challenging. When tested, existing toxicity detectors showed significant failure rates, with an average attack success rate of 69.48%. The generated data was also used to fine-tune a defense model, improving its robustness against these advanced attacks. AI
IMPACT Introduces a novel method for red-teaming LLMs, potentially leading to more robust toxicity detection systems.