详细信息
- 来源站点
- ArXiv CS.AI
- 作者
- Junyoung Park, Seongyong Ju, Sunghwan Park, Jaewoo Lee
- 文章类型
- NEWS
- 语言
- en
- 发布日期
- 2026-06-02
摘要
arXiv:2606.00150v1 Announce Type: cross Abstract: As Large Language Models evolve for user convenience, vulnerability to jailbreak attacks continues to be reported despite ongoing efforts in safety training. Traditional jailbreak techniques typically focus on a single prompt injection, neglecting the models' ability to remember the flow of conversation and the user's instructions. In this paper, we propose Persona Attack, a memory injection based jailbreak method that manipulates the model's context window through a step by step approach. Experimental results from applying Persona Attack to several widely used LLMs reveal that, as injections accumulate in memory, models increasingly prioritize these instructions over their internal safety alignment mechanisms.