---
id: 20260414-T0-08
title: "扩散模型存在安全漏洞：去噪不可逆性可被利用绕过安全对齐"
title_en: "Diffusion Models Vulnerable: Safety Alignment Bypassed via Denoising Irreversibility"
url: https://ai.daily.yangsir.net/daily/20260414-T0-08
issue_date: 2026-04-14
publish_date: 2026-04-13T04:00:00.000Z
category: research
source_name: "arXiv cs.CL (NLP)"
source_url: https://arxiv.org/abs/2604.08557
---

# 扩散模型存在安全漏洞：去噪不可逆性可被利用绕过安全对齐

MIT团队发现扩散语言模型的安全对齐存在致命漏洞。研究显示，扩散模型通过假设去噪过程单调且已标记的token不会被重新遮掩来保证安全，但Re-Mask and Redirect方法可利用去噪的不可逆性绕过这一机制。攻击者能控制生成内容，导致模型输出有害信息。该研究揭示了当前扩散模型安全防护的根本缺陷，为后续修复提供方向。

## English Version

**Diffusion Models Vulnerable: Safety Alignment Bypassed via Denoising Irreversibility**

MIT researchers uncover critical security flaw in diffusion language models. Safety alignment relies on the fragile assumption that denoising is monotonic and committed tokens aren't re-masked. The Re-Mark and Redirect method exploits denoising irreversibility to bypass safety controls, enabling harmful content generation. This reveals fundamental vulnerabilities in current diffusion model safety mechanisms.

---

**来源**：[arXiv cs.CL (NLP)](https://arxiv.org/abs/2604.08557)

**详情页**：https://ai.daily.yangsir.net/daily/20260414-T0-08

---

*智语观潮 · Daily — https://ai.daily.yangsir.net/llms.txt*