Challenge: Existing approaches to detect harmful queries to large language models are fallible and vulnerable to attacks that exploit mismatched generalization of model capabilities.
Approach: They propose an approach to detect harmful queries to large language models (LLMs) OMNIGUARD identifies internal representations of an LLM/MLLM that are aligned across languages or modalities and builds a language-agnostic or modality-adic classifier for detecting harmful prompts.
Outcome: OMNIGUARD improves harmful prompt classification accuracy by 11.57% over the strongest baseline in a multilingual setting, by 20.44% for image-based prompts, and sets a new SOTA for audio-based ones.

Similar Papers

MrGuard: A Multilingual Reasoning Guardrail for Universal LLM Safety (2025.emnlp-main)

Copied to clipboard

Challenge: Large Language Models (LLMs) are susceptible to adversarial attacks such as jailbreaking, which can elicit harmful or unsafe behaviors.
Approach: They propose a multilingual guardrail with reasoning for prompt classification that integrates culturally and linguistically nuanced variants and supervised fine-tuning.
Outcome: The proposed guardrail outperforms baselines across in-domain and out-of-domain languages by more than 15%.
All Languages Matter: On the Multilingual Safety of LLMs (2024.findings-acl)

Copied to clipboard

Challenge: Existing safety benchmarks only concern the safety in one language, e.g. the majority language in the pretraining data such as English.
Approach: They propose a prompting method to improve multilingual safety of ChatGPT by enhancing cross-lingual generalization of safety alignment.
Outcome: The proposed method can significantly reduce the ratio of unsafe responses by 42% for non-English queries.
SLM as Guardian: Pioneering AI Safety with Small Language Model (2024.emnlp-industry)

Copied to clipboard

Challenge: Prior safety research on large language models focused on aligning them to safety requirements, but internalizing such safeguard features into larger models brought challenges of higher training cost and unintended degradation of helpfulness.
Approach: They propose a multi-task learning mechanism that integrates harmful query detection and safeguard response into a single model.
Outcome: The proposed approach outperforms the publicly available LLMs in harmful query detection and safeguard response generation.
USB: A COMPREHENSIVE AND UNIFIED SAFETY EVALUATION BENCHMARK FOR MULTIMODAL LARGE LANGUAGE MODELS (2026.acl-long)

Copied to clipboard

Challenge: Existing safety benchmarks fail to provide reliable assessments due to limited risk coverage, insufficient scale and the oversight of complex modality combinations.
Approach: They propose a framework that covers 61 risk categories across four modality interactions to address this gap.
Outcome: The proposed framework covers 61 risk categories across four distinct modality interactions.
Reimagining Safety Alignment with An Image (2025.emnlp-main)

Copied to clipboard

Challenge: Existing approaches to large language models face inefficiency, fragility, or architectural constraints, resulting in inefficient performance and heightened over-refusal in cross-modal tasks.
Approach: They propose an optimization-driven visual prompt framework that enhances security and reduces over-refusal at the same time.
Outcome: The proposed framework enhances security and reduces over-refusal while maintaining robust safety while reducing unnecessary denials.
ShieldHead: Decoding-time Safeguard for Large Language Models (2025.findings-acl)

Copied to clipboard

Challenge: Recent advances in LLM-based moderation methods have demonstrated remarkable promise in identifying safety risks associated with both inputs and outputs in human-AI interactions.
Approach: They propose to learn a classification head on the last-layer hidden states of a dialogue model and use it to detect harmful content.
Outcome: The proposed framework is 300 faster (**1ms**) than previous LLM-based moderation models with 99% less parameters than LlamaGuard.
Safety Is Not Universal: The Selective Safety Trap in LLM Alignment (2026.findings-acl)

Copied to clipboard

Challenge: Existing safety evaluations of large language models aggregate harms under generic categories such as "Identity Hate" a bilingual benchmark identifies a selective safety trap, where defense rates vary by up to 42% within the same model solely based on the target group.
Approach: They propose a bilingual adversarial benchmark to audit selective safety in large language models . defense rates vary by up to 42% within the same model solely based on target group .
Outcome: The proposed benchmark identifies a selective safety trap in large language models . defense rates vary by up to 42% within the same model solely based on the target group.
LionGuard: A Contextualized Moderation Classifier to Tackle Localized Unsafe Content (2025.coling-industry)

Copied to clipboard

Challenge: Existing moderation classes that perform well on English may not perform well in Singlish.
Approach: They propose a Singapore-contextualized moderation classifier that can guard against unsafe LLM usage.
Outcome: The proposed class outperforms existing modes on Singlish data by 14% and up to 51%.
Multitask-Bench: Unveiling and Mitigating Safety Gaps in LLMs Fine-tuning (2025.coling-main)

Copied to clipboard

Challenge: Recent advances in Large Language Models (LLMs) have led to their adoption across a wide range of tasks, ranging from code generation to machine translation and sentiment analysis.
Approach: They propose to fine-tune LLMs on benign (non-harmful) data to ensure safe outputs.
Outcome: The proposed model reduces attack success rates across a range of tasks without compromising its usefulness.
The Language Barrier: Dissecting Safety Challenges of LLMs in Multilingual Contexts (2024.findings-acl)

Copied to clipboard

Challenge: Recent studies show that malicious prompt instructions could solicit objectionable content from LLMs.
Approach: They compare how state-of-the-art LLMs respond to malicious prompts in different languages . they find that LLM's generate unsafe responses more often when a prompt is written in a lower-resource language .
Outcome: The proposed model can generate unsafe responses more often when a malicious prompt is written in a lower-resource language, and less irrelevant responses when written in lower-source languages.

What is GenGO?

GenGO is an NLP powered publication search system. It currenctly indexes 30k+ papers from ACL Anthology, and implements multi-aspect summarization, semantic search, and more!

Information

About
Limitations