← Back to search

paper reviewed open access llmsec-2024-00049

Tree of Attacks: Jailbreaking Black-Box LLMs with Auto-Generated Subtrees

Anay Mehrotra, Manolis Zampetakis, Paul Kassianik, Blaine Nelson, Hyrum Anderson, Yaron Singer, Amin Karbasi

2024 — NeurIPS 2024 175 citations

View Resource PDF

Abstract

Introduces TAP using an LLM to iteratively refine jailbreak prompts against black-box target models with high success rates.

Categories

jailbreaking red teaming

Tags

black-boxautomatedtree-search

Framework Mappings

OWASP LLM: LLM01 MITRE ATLAS: AML.T0054

Cite This Resource

@article{llmsec202400049,
  title = {Tree of Attacks: Jailbreaking Black-Box LLMs with Auto-Generated Subtrees},
  author = {Anay Mehrotra and Manolis Zampetakis and Paul Kassianik and Blaine Nelson and Hyrum Anderson and Yaron Singer and Amin Karbasi},
  year = {2024},
  journal = {NeurIPS 2024},
  url = {https://arxiv.org/abs/2312.02119},
}

Metadata

Added: 2026-04-14
Added by: manual
Source: manual
arxiv_id: 2312.02119