{"id":"https://openalex.org/W4390214435","doi":"https://doi.org/10.48550/arxiv.2312.14302","title":"Exploiting Novel GPT-4 APIs","display_name":"Exploiting Novel GPT-4 APIs","publication_year":2023,"publication_date":"2023-12-21","ids":{"openalex":"https://openalex.org/W4390214435","doi":"https://doi.org/10.48550/arxiv.2312.14302"},"language":"en","primary_location":{"id":"pmh:oai:arXiv.org:2312.14302","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2312.14302","pdf_url":"https://arxiv.org/pdf/2312.14302","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"type":"preprint","indexed_in":["arxiv","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2312.14302","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5057950507","display_name":"Kellin Pelrine","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Pelrine, Kellin","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012070866","display_name":"Mohammad Taufeeque","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Taufeeque, Mohammad","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031048017","display_name":"Micha\u0142 Zaj\u0105c","orcid":"https://orcid.org/0000-0001-9096-8258"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zaj\u0105c, Micha\u0142","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101284290","display_name":"Euan McLean","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"McLean, Euan","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5067087948","display_name":"Adam Gleave","orcid":"https://orcid.org/0000-0002-3467-528X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Gleave, Adam","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5057950507"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9527999758720398,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9527999758720398,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11636","display_name":"Artificial Intelligence in Healthcare and Education","score":0.9358999729156494,"subfield":{"id":"https://openalex.org/subfields/2718","display_name":"Health Informatics"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.9337000250816345,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7992218732833862},{"id":"https://openalex.org/keywords/schema","display_name":"Schema (genetic algorithms)","score":0.6097926497459412},{"id":"https://openalex.org/keywords/function","display_name":"Function (biology)","score":0.5118507742881775},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.45140278339385986},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.2591232657432556},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.23938772082328796}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7992218732833862},{"id":"https://openalex.org/C52146309","wikidata":"https://www.wikidata.org/wiki/Q7431116","display_name":"Schema (genetic algorithms)","level":2,"score":0.6097926497459412},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.5118507742881775},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.45140278339385986},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.2591232657432556},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.23938772082328796},{"id":"https://openalex.org/C78458016","wikidata":"https://www.wikidata.org/wiki/Q840400","display_name":"Evolutionary biology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:arXiv.org:2312.14302","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2312.14302","pdf_url":"https://arxiv.org/pdf/2312.14302","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},{"id":"doi:10.48550/arxiv.2312.14302","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2312.14302","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2312.14302","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2312.14302","pdf_url":"https://arxiv.org/pdf/2312.14302","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7599999904632568,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4390214435.pdf","grobid_xml":"https://content.openalex.org/works/W4390214435.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2382290278","https://openalex.org/W2478288626","https://openalex.org/W4391913857","https://openalex.org/W2350741829"],"abstract_inverted_index":{"Language":[0],"model":[1,15,71],"attacks":[2],"typically":[3],"assume":[4],"one":[5],"of":[6,92],"two":[7],"extreme":[8],"threat":[9,45],"models:":[10],"full":[11],"white-box":[12],"access":[13,19,41],"to":[14,21,43,111,137],"weights,":[16],"or":[17,79],"black-box":[18],"limited":[20],"a":[22,70,90],"text":[23,35],"generation":[24],"API.":[25],"However,":[26],"real-world":[27],"APIs":[28,38],"are":[29],"often":[30],"more":[31],"flexible":[32],"than":[33],"just":[34],"generation:":[36],"these":[37],"expose":[39],"\"gray-box\"":[40],"leading":[42],"new":[44,53,146],"vectors.":[46],"To":[47],"explore":[48],"this,":[49],"we":[50,96,117],"red-team":[51],"three":[52],"functionalities":[54],"exposed":[55,140],"in":[56],"the":[57,103,138],"GPT-4":[58,99],"APIs:":[59],"fine-tuning,":[60],"function":[61,104,114],"calling":[62],"and":[63,107],"knowledge":[64,120],"retrieval.":[65],"We":[66],"find":[67,97,118],"that":[68,98,119,134],"fine-tuning":[69],"on":[72],"as":[73,75],"few":[74],"15":[76],"harmful":[77,93],"examples":[78,82],"100":[80],"benign":[81],"can":[83,108,122,144],"remove":[84],"core":[85],"safeguards":[86],"from":[87],"GPT-4,":[88],"enabling":[89],"range":[91],"outputs.":[94],"Furthermore,":[95],"Assistants":[100],"readily":[101],"divulge":[102],"call":[105],"schema":[106],"be":[109,123],"made":[110],"execute":[112],"arbitrary":[113],"calls.":[115],"Finally,":[116],"retrieval":[121,129],"hijacked":[124],"by":[125,141],"injecting":[126],"instructions":[127],"into":[128],"documents.":[130],"These":[131],"vulnerabilities":[132],"highlight":[133],"any":[135],"additions":[136],"functionality":[139],"an":[142],"API":[143],"create":[145],"vulnerabilities.":[147]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2}],"updated_date":"2026-03-09T08:58:05.943551","created_date":"2025-10-10T00:00:00"}