MoJE: Mixture of Jailbreak Experts, Naive Tabular Classifiers as Guard for Prompt Attacks

Authors

  • Giandomenico Cornacchia IBM Research Europe
  • Giulio Zizzo IBM Research Europe
  • Kieran Fraser IBM Research Europe
  • Muhammad Zaid Hameed IBM Research Europe
  • Ambrish Rawat IBM Research Europe
  • Mark Purcell IBM Research Europe

DOI:

https://doi.org/10.1609/aies.v7i1.31638

Abstract

The proliferation of Large Language Models (LLMs) in diverse applications underscores the pressing need for robust security measures to thwart potential jailbreak attacks. These attacks exploit vulnerabilities within LLMs, endanger data integrity and user privacy. Guardrails serve as crucial protective mechanisms against such threats, but existing models often fall short in terms of both detection accuracy, and computational efficiency. This paper advocates for the significance of jailbreak attack prevention on LLMs, and emphasises the role of input guardrails in safeguarding these models. We introduce MoJE (Mixture of Jailbreak Expert), a novel guardrail architecture designed to surpass current limitations in existing state-of-the-art guardrails. By employing simple linguistic statistical techniques, MoJE excels in detecting jailbreak attacks while maintaining minimal computational overhead during model inference. Through rigorous experimentation, MoJE demonstrates superior performance capable of detecting 90% of the attacks without compromising benign prompts, enhancing LLMs security against jailbreak attacks.

Downloads

Published

2024-10-16

How to Cite

Cornacchia, G., Zizzo, G., Fraser, K., Hameed, M. Z., Rawat, A., & Purcell, M. (2024). MoJE: Mixture of Jailbreak Experts, Naive Tabular Classifiers as Guard for Prompt Attacks. Proceedings of the AAAI/ACM Conference on AI, Ethics, and Society, 7(1), 304-315. https://doi.org/10.1609/aies.v7i1.31638