Overview
Severity: HIGH | Affected: Anthropic, Google | Category: research
A team from Stanford's AI Lab has published a paper detailing a novel jailbreak technique called the 'Cognitive Dissonance' attack. The method involves crafting prompts that create a logical paradox for the model, forcing it to prioritize one set of instructions over its safety alignment. For example, the prompt might ask the model to generate harmful content as part of a 'safety demonstration' for a fictional AI ethics board. This forces a conflict between its instruction-following and safety-filtering directives. The paper demonstrates successful attacks against leading models from companies like Anthropic and Google, achieving over an 85% success rate in bypassing safety guards for generating misinformation and malicious code. The research highlights the inherent difficulty in aligning models against complex, context-aware adversarial attacks.