PulseAugur
Grammar-Constrained Decoding Can Jailbreak LLMs into Generating Malicious Code

New attack exploits the code-generation capability of large language models to create malicious software

Researchers have discovered a new vulnerability in large language models (LLMs): Grammar-Constrained Decoding (GCD), a technique intended to improve the reliability of code generation, can be exploited to generate malicious code. The attack, named CodeSpear, uses benign code-grammar constraints to bypass the LLM's safety measures. To counter this threat, the researchers developed a new defense mechanism called CodeShield, which trains the LLM to generate harmless "honeypot" code under GCD, preserving safety without sacrificing utility.

Impact: The new attack vector highlights security risks in LLM code generation and calls for robust defenses such as CodeShield.

Ranking rationale: This cluster contains an academic paper detailing a new LLM vulnerability and a corresponding defense mechanism.


AI-generated summary · Google Gemini · from 3 sources.

Sources [3]

  1. arXiv cs.AI TIER_1 English(EN) · Yitong Zhang, Shiteng Lu, Jia Li ·

    Grammar-Constrained Decoding Can Jailbreak LLMs into Generating Malicious Code

    arXiv:2606.11817v1 Announce Type: cross Abstract: Large Language Models (LLMs) are increasingly used for code generation, raising concerns that they may be misused to produce malicious code. Meanwhile, Grammar-Constrained Decoding (GCD) has been widely adopted to improve the reli…

  2. arXiv cs.CL TIER_1 English(EN) · Jia Li ·

    Grammar-Constrained Decoding Can Jailbreak LLMs into Generating Malicious Code

    Large Language Models (LLMs) are increasingly used for code generation, raising concerns that they may be misused to produce malicious code. Meanwhile, Grammar-Constrained Decoding (GCD) has been widely adopted to improve the reliability of LLM-generated code by enforcing syntact…

  3. Hugging Face Daily Papers TIER_1 English(EN) ·

    Grammar-Constrained Decoding Can Jailbreak LLMs into Generating Malicious Code

    Grammar-constrained decoding techniques used to ensure syntactic validity in code generation can be exploited as an attack surface, leading to the development of a jailbreak method called CodeSpear and a safety alignment approach named CodeShield.