Skip to content

Add adaptive random suffix attack module #30

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ivanoconnor wants to merge 20 commits into
base: main
Choose a base branch
from
Open

Add adaptive random suffix attack module #30

ivanoconnor wants to merge 20 commits into from

Conversation

@ivanoconnor
Copy link

@ivanoconnor ivanoconnor commented Oct 21, 2025

Adds a token-level adversarial attack module based on research from the EPFL paper on adaptive attacks (arXiv:2404.02151)

Docs available at docs/10_adaptive_rsa.md

ivanoconnor and others added 20 commits August 18, 2025 17:31
@ivanoconnor
begin adding adaptive random suffix attack
ea0d876
@ivanoconnor
add data & improve loading
5057fdc
@ivanoconnor
update openai target, add direct adaptive_rsa debug
9b2b851
@ivanoconnor
add utils for offline operation
16103ac
@ivanoconnor
Fixes in adaptive_rsa, refactor tiktoken offline helper to download m…
4936cfc 
…apping file

- Updated `ensure_tiktoken_offline` function to download the public tiktoken mapping file from a specified URL instead of using a bundled resource.
- Added support for an optional `save_path` parameter to specify the exact file path or directory for saving the downloaded file.
- Improved error handling for download failures.
- Removed the `spikee/utils.py` module, which contained timeout utilities, as it is no longer needed.
@ivanoconnor
update scoring function
e9fd636
@ivanoconnor
update scoring logic, add temp debug logs
f063b58
@ivanoconnor
update docs, clean up, move n_iter_revert and penalty to attack-options
aae3078
@ivanoconnor
minor fix
e0f20ad
@ivanoconnor
add refusal probability mode, update docs, minor style edits
54b172e
@ivanoconnor
fix links, add docs for random suffix
454d320
@ivanoconnor
Merge remote-tracking branch 'origin/main' into random-suffix-attack
5be9603
@ivanoconnor
remove adaptive rsa from main docs
131a561
@ivanoconnor
minor docs edits
3c06eba
@ivanoconnor
update behaviour for enhanced compatibility, update docs, fix style i…
08fc671 
…nconsistencies
@ivanoconnor
update docs
ecccf5e
@ivanoconnor
Merge remote-tracking branch 'upstream/main' into random-suffix-attack
5f9c0a6
@ivanoconnor
clean up naming & update target requirements
76b273f
@ivanoconnor
clarify docs + remove unnecessary attributes
73e44c2
@ivanoconnor
move tiktoken encoding loader script
d72f272
@kyuz0
Copy link
Collaborator

kyuz0 commented Dec 6, 2025

@ivanoconnor / @Shiva108 , this pull request will need some work to be merged as we changed the attack module interface to use OOP and we introduced functional testing. I am planning to work on this merge this side of Christmas, unless somebody wants to give it a go, I think it mostly just needs an update to adapt to the new interfaces for targets and attacks, ensuring the OOP interface for targets correctly handles the log probabilities needed by the attack.

@ivanoconnor
Copy link
Author

ivanoconnor commented Dec 29, 2025

Hey - happy to give this a go over the next couple of weeks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@Shiva108 Shiva108 Shiva108 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ivanoconnor @kyuz0 @Shiva108