IEEE ICASSP 2026 || Barcelona, Spain || 4-8 May 2026

IFS-P9.6

Mask-GCG: Are All Tokens in Adversarial Suffixes Necessary for Jailbreak Attacks?

Junjie Mu, Politecnico di Milano, Italy; Zonghao Ying, Beihang University, China; Zhekui Fan, East China Normal University, China; Zonglei Jing, Yaoyuan Zhang, Beihang University, China; Zhengmin Yu, Fudan University, China; Wenxin Zhang, University of the Chinese Academy of Sciences, China; Quanchen Zou, Xiangzheng Zhang, 360 AI Security Lab, China

Session:

IFS-P9: Backdoor, Poisoning, and Model Manipulation Poster

Location:

Poster Area 23

Presentation Time:

Wed, 6 May, 16:30 - 18:30

Session IFS-P9

IFS-P9.1: BADLLM-TG: A BACKDOOR DEFENDER POWERED BY LLM TRIGGER GENERATOR

Ruyi Zhang, Heng Gao, Songlei Jian, Yusong Tan, Haifang zhou, National University of Defense Technology, China

IFS-P9.2: MODEL SHALL KNOW IT: BACKDOOR ATTACKS ON IMAGE CAPTIONING MODELS BY TEXTURAL REPRESENTATIONS

Yudong Li, Central South University, China; Zhankai Li, National University of Defense Technology, China; Shigeng Zhang, Central South University, China; Xuan Liu, Hunan University, China; Kai Chen, Institute of Information Engineering Chinese Academy of Sciences, China

IFS-P9.3: INSS: INVISIBLE SAMPLE-SPECIFIC BACKDOOR ATTACK VIA INVERTIBLE HIDDEN NEURAL NETWORKS

Yaxin Wang, Hengqi Guo, Ruijun Deng, Fudan University, China; Chenchi Luo, China Mobile Shanghai ICT Co., Ltd., China; Zhihui Lu, Fudan University, China; Qiang Duan, The Pennsylvania State University, United States of America; Haijun Yang, China Mobile Shanghai ICT Co., Ltd., China

IFS-P9.4: BLACK-BOX ONLINE DATA POISONING AGAINST TRIMMING DEFENSES: AN MAB-BASED APPROACH

Dan Yu, Ruijie Xing, Jiahong Wang, Yadi Wen, Taiyuan University of Technology, China

IFS-P9.5: Adaptive Defense against Stationary Test-Time Attacks on Classifiers

Allen Yan, Jinsub Kim, Raviv Raich, Oregon State University, United States of America

IFS-P9.6: Mask-GCG: Are All Tokens in Adversarial Suffixes Necessary for Jailbreak Attacks?

Junjie Mu, Politecnico di Milano, Italy; Zonghao Ying, Beihang University, China; Zhekui Fan, East China Normal University, China; Zonglei Jing, Yaoyuan Zhang, Beihang University, China; Zhengmin Yu, Fudan University, China; Wenxin Zhang, University of the Chinese Academy of Sciences, China; Quanchen Zou, Xiangzheng Zhang, 360 AI Security Lab, China

IFS-P9.7: SEEM: EXPLOITING BLACK-BOX TEXT ATTACKS TO MANIPULATE TOOL SELECTION

Liuji Chen, CASIA, China; Hao Gao, BUPT, China; Jinghao Zhang, Qiang Liu, Shu Wu, Liang Wang, CASIA, China

IFS-P9.8: PINA: PROMPT INJECTION ATTACK AGAINST NAVIGATION AGENTS

Jiani Liu, Yixin He, Zhejiang University, China; Lanlan Fan, Southeast University, China; Qidi Zhong, Yushi Cheng, Meng Zhang, Yanjiao Chen, Wenyuan Xu, Zhejiang University, China

IFS-P9.9: PAPER SUMMARY ATTACK: JAILBREAKING LLMS THROUGH LLM SAFETY PAPERS

Liang Lin, Songlin Hu, Xuehai Tang, Institute of Information Engineering, Chinese Academy of Sciences, China

IFS-P9.10: CAS-J: Cross-Modal Attention Synergy for Jailbreaking Large Vision-Language Models

Xiaolong Li, Mingrui Lao, Chengsi Du, Liang Bai, Yanming Guo, National University of Defense Technology,, China

Contact | Accessibility | Nondiscrimination Policy | IEEE Ethics Reporting | IEEE Privacy Policy | Terms | Signal Processing Society

©2026 IEEE – All rights reserved.

Last updated Last updated 12 March 2026.

Use of this website signifies your agreement to the IEEE Terms and Conditions.

Support: webmaster@2026.ieeeicassp.org Host: https://cmsworldwide.com/