|
Large Language Models (LLMs) such as ChatGPT and Bard have gradually penetrated various aspects of society. Organizations can integrate LLMs into their business workflows for better performance. Service providers can improve user experience with LLMs. However, LLMs also bring with them some disadvantages or challenges, such as biases, hallucinations, safety and privacy concerns. So, safety evaluation on LLM has become increasingly important. One safety evaluation method is to evaluate LLMs under adversarial attacks. In this paper, we propose to construct adversarial samples based on cognitive biases. This is a new method to introduce cognitive bias theory from cognitive psychology to LLM adversarial sample generation. Accordingly, we design a system to generate LLM adversarial samples based on cognitive biases. Adversarial attacks with ten classes of adversarial samples generated based on cognitive biases were performed on three major representative models (GPT-4-turbo, GPT-3.5-turbo, LLaMA 7B) according to the HarmBench safety evaluation dataset. This study found that adversarial samples based on cognitive biases could be generated with high Attack Success Rate (ASR). This study also found that adversarial samples generated based on cognitive biases have different effects with different models, different datasets and different types of cognitive biases. This study generated ten classes of adversarial samples based on cognitive biases, and evaluated only three LLMs under adversarial attacks. In the future we will take a deep dive into generating adversarial samples with higher ASR based on cognitive biases, semantics and context, and conducting safety evaluation for more LLMs.
|
