Stepwise Reasoning Disruption Attack of LLMs

Jingyu Peng; Maolin Wang; Xiangyu Zhao; Kai Zhang (张楷); Wanyu Wang; Pengyue Jia; Qidong Liu; Ruocheng Guo; Qi Liu

doi:10.18653/v1/2025.acl-long.251

Stepwise Reasoning Disruption Attack of LLMs

Jingyu Peng, Maolin Wang, Xiangyu Zhao, Kai Zhang, Wanyu Wang, Pengyue Jia, Qidong Liu, Ruocheng Guo, Qi Liu

Abstract

Large language models (LLMs) have made remarkable strides in complex reasoning tasks, but their safety and robustness in reasoning processes remain unexplored, particularly in third-party platforms that facilitate user interactions via APIs. Existing attacks on LLM reasoning are constrained by specific settings or lack of imperceptibility, limiting their feasibility and generalizability. To address these challenges, we propose the Stepwise rEasoning Error Disruption (SEED) attack, which subtly injects errors into prior reasoning steps to mislead the model into producing incorrect subsequent reasoning and final answers. Unlike previous methods, SEED is compatible with zero-shot and few-shot settings, maintains the natural reasoning flow, and ensures covert execution without modifying the instruction. Extensive experiments on four datasets across four different models demonstrate SEED’s effectiveness, revealing the vulnerabilities of LLMs to disruptions in reasoning processes. These findings underscore the need for greater attention to the robustness of LLM reasoning to ensure safety in practical applications. Our code is available at: https://github.com/Applied-Machine-Learning-Lab/SEED-Attack

Anthology ID:: 2025.acl-long.251
Volume:: Proceedings of the 63rd Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers)
Month:: July
Year:: 2025
Address:: Vienna, Austria
Editors:: Wanxiang Che, Joyce Nabende, Ekaterina Shutova, Mohammad Taher Pilehvar
Venue:: ACL
SIG:
Publisher:: Association for Computational Linguistics
Note:
Pages:: 5040–5058
Language:
URL:: https://aclanthology.org/2025.acl-long.251/
DOI:: 10.18653/v1/2025.acl-long.251
Bibkey:
Cite (ACL):: Jingyu Peng, Maolin Wang, Xiangyu Zhao, Kai Zhang, Wanyu Wang, Pengyue Jia, Qidong Liu, Ruocheng Guo, and Qi Liu. 2025. Stepwise Reasoning Disruption Attack of LLMs. In Proceedings of the 63rd Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers), pages 5040–5058, Vienna, Austria. Association for Computational Linguistics.
Cite (Informal):: Stepwise Reasoning Disruption Attack of LLMs (Peng et al., ACL 2025)
Copy Citation:
PDF:: https://aclanthology.org/2025.acl-long.251.pdf

PDF Cite Search Fix data