With the rapid development of artificial intelligence (AI), more and more companies are applying it to everyday life. However, the security and ethical issues of the technology have also attracted widespread attention. Recently, researchers from Intel, Boise State University, and the University of Illinois found that chatbots can be misled when confronted with large amounts of information, causing them to violate their safety rules.
This study proposes a new attack method called "information overload." The researchers built an automated system called "InfoFlood" that uses this method to trick large language models (LLMs) such as ChatGPT and Gemini into producing output they should refuse. According to the research, traditional protective measures rely mainly on identifying specific keywords; when faced with a flood of information, the model can become confused and these protections are bypassed.
The research team explained that when chatbots receive excessive information, they may misinterpret the user's intent and give incorrect answers. The method uses a standardized prompt template to overwhelm the model with additional information, causing interference and confusion. For example, when the model refuses to answer a question, InfoFlood adds fabricated citations or irrelevant ethical statements to the prompt, putting the model in a dilemma.
More worrying, the finding shows that even with safety filters in place, malicious users can still manipulate a model through information overload to elicit harmful content. The researchers plan to send a report of the finding to companies operating large AI models, urging them to strengthen their security measures.
As the technology continues to advance, how to use AI responsibly while protecting users remains a pressing challenge. The researchers hope that this study will spark more discussion about AI safety and ethics and encourage technology companies to adopt more effective protective measures.