{"id":"https://openalex.org/W7152045281","doi":"https://doi.org/10.48550/arxiv.2604.05498","title":"JailWAM: Jailbreaking World Action Models in Robot Control","display_name":"JailWAM: Jailbreaking World Action Models in Robot Control","publication_year":2026,"publication_date":"2026-04-07","ids":{"openalex":"https://openalex.org/W7152045281","doi":"https://doi.org/10.48550/arxiv.2604.05498"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.05498","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.05498","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.05498","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5133182922","display_name":"Hanqing Liu","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Liu, Hanqing","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091587922","display_name":"Songping Wang","orcid":"https://orcid.org/0009-0001-4513-7284"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wang, Songping","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133195551","display_name":"Jiahuan Long","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Long, Jiahuan","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133222940","display_name":"Jiacheng Hou","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hou, Jiacheng","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133177461","display_name":"Jialiang Sun","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sun, Jialiang","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133159407","display_name":"Chao Li","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Li, Chao","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133231450","display_name":"Yang Yang","orcid":"https://orcid.org/0000-0002-1289-1803"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yang, Yang","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133222230","display_name":"Wei Peng","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Peng, Wei","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133163105","display_name":"Xu Liu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Liu, Xu","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133215050","display_name":"Tingsong Jiang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jiang, Tingsong","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5133167114","display_name":"Wen Yao","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yao, Wen","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5133173497","display_name":"Yao Mu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mu, Yao","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":12,"corresponding_author_ids":["https://openalex.org/A5133182922"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.604200005531311,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.604200005531311,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10812","display_name":"Human Pose and Action Recognition","score":0.0885000005364418,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.05460000038146973,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.5690000057220459},{"id":"https://openalex.org/keywords/robot","display_name":"Robot","score":0.5667999982833862},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5260999798774719},{"id":"https://openalex.org/keywords/action","display_name":"Action (physics)","score":0.4862000048160553},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.47049999237060547},{"id":"https://openalex.org/keywords/trajectory","display_name":"Trajectory","score":0.4129999876022339},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4034999907016754},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.39959999918937683}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6662999987602234},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.5690000057220459},{"id":"https://openalex.org/C90509273","wikidata":"https://www.wikidata.org/wiki/Q11012","display_name":"Robot","level":2,"score":0.5667999982833862},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5260999798774719},{"id":"https://openalex.org/C2780791683","wikidata":"https://www.wikidata.org/wiki/Q846785","display_name":"Action (physics)","level":2,"score":0.4862000048160553},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.47049999237060547},{"id":"https://openalex.org/C13662910","wikidata":"https://www.wikidata.org/wiki/Q193139","display_name":"Trajectory","level":2,"score":0.4129999876022339},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4050999879837036},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4034999907016754},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.39959999918937683},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.3767000138759613},{"id":"https://openalex.org/C179768478","wikidata":"https://www.wikidata.org/wiki/Q1120057","display_name":"Cyber-physical system","level":2,"score":0.36970001459121704},{"id":"https://openalex.org/C2776157020","wikidata":"https://www.wikidata.org/wiki/Q851598","display_name":"Physical security","level":2,"score":0.3151000142097473},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3050000071525574},{"id":"https://openalex.org/C189950617","wikidata":"https://www.wikidata.org/wiki/Q937228","display_name":"Property (philosophy)","level":2,"score":0.2955000102519989},{"id":"https://openalex.org/C116672817","wikidata":"https://www.wikidata.org/wiki/Q1454986","display_name":"Physical system","level":2,"score":0.2906999886035919},{"id":"https://openalex.org/C17500928","wikidata":"https://www.wikidata.org/wiki/Q959968","display_name":"Control system","level":2,"score":0.2768999934196472},{"id":"https://openalex.org/C2164484","wikidata":"https://www.wikidata.org/wiki/Q5170150","display_name":"Core (optical fiber)","level":2,"score":0.27079999446868896},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.25940001010894775},{"id":"https://openalex.org/C132835097","wikidata":"https://www.wikidata.org/wiki/Q7663745","display_name":"System safety","level":2,"score":0.2565000057220459},{"id":"https://openalex.org/C44154836","wikidata":"https://www.wikidata.org/wiki/Q45045","display_name":"Simulation","level":1,"score":0.25040000677108765}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.05498","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.05498","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.05498","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.05498","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/10","score":0.49303963780403137,"display_name":"Reduced inequalities"},{"id":"https://metadata.un.org/sdg/16","score":0.44819971919059753,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"The":[0],"World":[1],"Action":[2],"Model":[3],"(WAM)":[4],"can":[5,219],"jointly":[6],"predict":[7],"future":[8],"world":[9],"states":[10],"and":[11,43,94,117,160,164,233],"actions,":[12],"exhibiting":[13],"stronger":[14],"physical":[15,24,170,203],"manipulation":[16],"capabilities":[17],"compared":[18],"with":[19],"traditional":[20],"models.":[21],"Such":[22],"powerful":[23],"interaction":[25],"ability":[26],"is":[27,33],"a":[28,128,155,177],"double-edged":[29],"sword:":[30],"if":[31],"safety":[32,80,183],"ignored,":[34],"it":[35],"will":[36],"directly":[37],"threaten":[38],"personal":[39],"safety,":[40],"property":[41],"security":[42,56],"environmental":[44],"safety.":[45],"However,":[46],"existing":[47],"research":[48],"pays":[49],"extremely":[50],"limited":[51],"attention":[52],"to":[53,62,76],"the":[54,58,71,79,89,134,182,198,212],"critical":[55],"gap:":[57],"vulnerability":[59],"of":[60,81,101,186],"WAM":[61,187],"jailbreak":[63,92,189],"attacks.":[64,190],"To":[65],"fill":[66],"this":[67],"gap,":[68],"we":[69,86,174],"define":[70],"Three-Level":[72],"Safety":[73],"Classification":[74],"Framework":[75],"systematically":[77],"quantify":[78],"robotic":[82],"arm":[83],"motions.":[84],"Furthermore,":[85],"propose":[87],"JailWAM,":[88,224],"first":[90,149],"dedicated":[91],"attack":[93,208],"evaluation":[95],"framework":[96,200],"for":[97,179,230],"WAM,":[98],"which":[99,108,125,148],"consists":[100],"three":[102],"core":[103],"components:":[104],"(1)":[105],"Visual-Trajectory":[106],"Mapping,":[107],"unifies":[109],"heterogeneous":[110],"action":[111],"spaces":[112],"into":[113],"visual":[114,142],"trajectory":[115],"representations":[116],"enables":[118],"cross-architectural":[119],"unified":[120],"evaluation;":[121],"(2)":[122],"Risk":[123],"Discriminator,":[124],"serves":[126],"as":[127],"high-recall":[129],"screening":[130,153],"tool":[131],"that":[132,197],"optimizes":[133],"efficiency-accuracy":[135],"trade-off":[136],"when":[137],"identifying":[138],"destructive":[139],"behaviors":[140],"in":[141,192],"trajectories;":[143],"(3)":[144],"Dual-Path":[145],"Verification":[146],"Strategy,":[147],"conducts":[150],"rapid":[151],"coarse":[152],"via":[154],"single-image-based":[156],"video-action":[157],"generation":[158],"module,":[159],"then":[161],"performs":[162],"efficient":[163],"comprehensive":[165],"verification":[166],"through":[167],"full":[168],"closed-loop":[169],"simulation.":[171],"In":[172],"addition,":[173],"construct":[175],"JailWAM-Bench,":[176],"benchmark":[178],"comprehensively":[180],"evaluating":[181],"alignment":[184],"performance":[185],"under":[188],"Experiments":[191],"RoboTwin":[193],"simulation":[194],"environment":[195],"demonstrate":[196],"proposed":[199],"efficiently":[201],"exposes":[202],"vulnerabilities,":[204],"achieving":[205],"an":[206,226],"84.2%":[207],"success":[209],"rate":[210],"on":[211,223],"state-of-the-art":[213],"LingBot-VA.":[214],"Meanwhile,":[215],"robust":[216],"defense":[217],"mechanisms":[218],"be":[220],"constructed":[221],"based":[222],"providing":[225],"effective":[227],"technical":[228],"solution":[229],"designing":[231],"safe":[232],"reliable":[234],"robot":[235],"control":[236],"systems.":[237]},"counts_by_year":[],"updated_date":"2026-04-09T06:13:59.934233","created_date":"2026-04-09T00:00:00"}