This paper analyzes Large Language Model (LLM) security vulnerabilities based on data from Crucible, encompassing 214,271 attack attempts by 1,674 users across 30 LLM challenges.Our findings reveal automated approaches significantly outperform manual techniques (69.5% vs 47.6% success rate), despite only 5.2% of users employing automation.We demonstrate that automated approaches excel in systematic exploration and pattern matching challenges, while manual approaches retain speed advantages in certain creative reasoning scenarios, often solving problems 5.2× faster when successful.Challenge categories requiring systematic exploration are most effectively targeted through automation, while intuitive challenges sometimes favor manual techniques for time-to-solve metrics.These results illuminate how algorithmic testing is transforming AI red-teaming practices, with implications for both offensive security research and defensive measures.Our analysis suggests optimal security testing combines human creativity for strategy development with programmatic execution for thorough exploration.
This paper analyzes the security vulnerabilities of Large Language Models (LLMs) based on data collected from Crucible, which includes 214,271 attack attempts across 30 challenges performed by 1,674 users. The study reveals that automated approaches significantly outperform manual techniques, achieving a success rate of 69.5% compared to 47.6% for manual attempts, despite automation being employed by only 5.2% of users. The authors discuss various aspects of LLM security, including the benefits of systematic exploration and pattern matching in automated strategies, and the advantages of human creativity in certain creative reasoning scenarios. Additionally, the research highlights the importance of combining both human and automated efforts in AI red teaming for enhanced security testing outcomes.
This paper employs the following methods:
- Automated approaches
- Manual techniques
- Heuristic labeling
- Supervised classification
- LLM-based classification
The following datasets were used in this research:
- Success rate
- Median solve time
- Automated approaches succeeded at a rate of 69.5%
- Manual attempts succeeded at a rate of 47.6%
- 5.2% of users employed automation
- Median solve time for automated attempts was 11.6 minutes, compared to 1.5 minutes for manual attempts
- Number of GPUs: None specified
- GPU Type: None specified
- Compute Requirements: None specified