This research introduces a novel evaluation framework that shifts from binary assessment of LLM robustness to measuring the effectiveness of jailbreak attacks themselves.

• Presents both coarse-grained and fine-grained evaluation methodologies for jailbreak attacks
• Focuses on the attacking prompts rather than just model defense capabilities
• Enables more nuanced understanding of security vulnerabilities in large language models
• Helps security teams better prioritize and address specific attack vectors

This research matters for security because it provides a more sophisticated approach to understanding LLM vulnerabilities, allowing for more targeted security improvements and defense mechanisms against evolving jailbreak techniques.

AttackEval: How to Evaluate the Effectiveness of Jailbreak Attacking on Large Language Models