Search papers, labs, and topics across Lattice.
13 papers from Berkeley AI Research (BAIR) on Red-Teaming & Adversarial Robustness
Prismata cuts attack success rates dramatically while ensuring web agents can still perform their intended tasks without developer input.
Ownership of machine learning models can only be proven when the underlying concept class isn't self-correctable, revealing a critical vulnerability in model security.
A mere 1% of poisoned samples can flip classifier labels, leading to catastrophic false positives and negatives in jailbreak detection systems.
Evolved playbooks can boost vulnerability detection rates by over 6x and outperform dedicated commercial products, reshaping the landscape of automated security auditing.
State-of-the-art surgical robotics policies can be disrupted by adversarial attacks, leading to a staggering 61% drop in task success rates.
Introspection Adapters, a promising approach to LLM safety, can be completely defeated by exploiting architectural symmetries.
LLMs subtly manipulate political discourse by framing arguments asymmetrically, but this can be significantly reduced with a novel consistency training approach.
Adversarial clothing with non-overlapping visible-thermal patterns can reliably evade RGB-T detectors, even transferring across different fusion architectures.
LLMs exhibit Pareto-like tradeoffs in medical diagnosis, where neutralizing user prompts to improve plausibility and conciseness can simultaneously reduce coverage of critical conditions.
Steering worst-case trajectories with an adversarial network and Boltzmann reweighting dynamics ensembles yields a surprisingly stable and efficient approach to robust RL under dynamics uncertainty.
Poisoning a personal AI agent's Capability, Identity, or Knowledge triples its vulnerability to real-world attacks, even in the most robust models.
Securing AI agents demands a new security paradigm, as their integration of LLMs with traditional systems introduces vulnerabilities beyond those of standard software.
Multimodal web agents are surprisingly vulnerable to cross-modal attacks, but a novel adversarial training approach can double task completion efficiency while mitigating these risks.