Multilingual Collaborative Defense for Large Language Models (2025.findings-emnlp)
Copied to clipboard
| Challenge: | Existing safeguards for Large Language Models are vulnerable to "jailbreaking" harmful queries. |
| Approach: | They propose a learning method that optimizes a continuous soft safety prompt automatically to facilitate multilingual safeguarding of LLMs. |
| Outcome: | The proposed method outperforms previous approaches in multilingual jailbreak defense while exhibiting strong cross-lingual generalization. |
Similar Papers
English as Defense Proxy: Mitigating Multilingual Jailbreak via Eliciting English Safety Knowledge (2025.findings-emnlp)
Copied to clipboard
| Challenge: | Large language models excel in many tasks, but their safety guarantees vary by language. |
| Approach: | They propose a unified approach that leverages English as a universal safety anchor. |
| Outcome: | The proposed approach leverages English as defense proxy (E-Proxy) to transfer safety knowledge across languages. |
The Language Barrier: Dissecting Safety Challenges of LLMs in Multilingual Contexts (2024.findings-acl)
Copied to clipboard
Lingfeng Shen, Weiting Tan, Sihao Chen, Yunmo Chen, Jingyu Zhang, Haoran Xu, Boyuan Zheng, Philipp Koehn, Daniel Khashabi
| Challenge: | Recent studies show that malicious prompt instructions could solicit objectionable content from LLMs. |
| Approach: | They compare how state-of-the-art LLMs respond to malicious prompts in different languages . they find that LLM's generate unsafe responses more often when a prompt is written in a lower-resource language . |
| Outcome: | The proposed model can generate unsafe responses more often when a malicious prompt is written in a lower-resource language, and less irrelevant responses when written in lower-source languages. |
MrGuard: A Multilingual Reasoning Guardrail for Universal LLM Safety (2025.emnlp-main)
Copied to clipboard
| Challenge: | Large Language Models (LLMs) are susceptible to adversarial attacks such as jailbreaking, which can elicit harmful or unsafe behaviors. |
| Approach: | They propose a multilingual guardrail with reasoning for prompt classification that integrates culturally and linguistically nuanced variants and supervised fine-tuning. |
| Outcome: | The proposed guardrail outperforms baselines across in-domain and out-of-domain languages by more than 15%. |
Dynamic Guided and Domain Applicable Safeguards for Enhanced Security in Large Language Models (2025.findings-naacl)
Copied to clipboard
| Challenge: | Existing defense methods struggle with two key issues: inadequate defense capabilities and over-defensiveness. |
| Approach: | They propose a multi-agents-based framework that leverages accurate external information to provide an unbiased summary of user intentions and safety response guidance. |
| Outcome: | Experiments on popular jailbreak attacks and benign datasets show that the proposed framework can enhance LLM's robustness against jailbreaks without compromising its general functionality. |
Towards Understanding the Fragility of Multilingual LLMs against Fine-Tuning Attacks (2025.findings-naacl)
Copied to clipboard
| Challenge: | Recent advances in Large Language Models have sparked concerns about their safety. |
| Approach: | They propose a method to identify safety-related information in the model parameter space . they propose to use a few adversarially chosen examples to fine-tune LLMs . |
| Outcome: | The proposed method can break safety alignment in multilingual LLMs using a few examples . it also shows that the proposed method jailbreaks LLM models adapted to new languages . |
Multilingual Blending: Large Language Model Safety Alignment Evaluation with Language Mixture (2025.findings-naacl)
Copied to clipboard
| Challenge: | a range of representative Large Language Models have exhibited remarkable generalization capabilities across numerous downstream tasks. |
| Approach: | They propose a query-response scheme to evaluate the safety alignment of LLMs . they found that multilingual query-responding significantly amplifies the detriment of malicious queries . |
| Outcome: | The proposed scheme improves the safety alignment of state-of-the-art LLMs under multilingual conditions. |
All Languages Matter: On the Multilingual Safety of LLMs (2024.findings-acl)
Copied to clipboard
| Challenge: | Existing safety benchmarks only concern the safety in one language, e.g. the majority language in the pretraining data such as English. |
| Approach: | They propose a prompting method to improve multilingual safety of ChatGPT by enhancing cross-lingual generalization of safety alignment. |
| Outcome: | The proposed method can significantly reduce the ratio of unsafe responses by 42% for non-English queries. |
MultiCodeAttack: Iterative Jailbreak Attacking on LLMs with Multi-Code Prompt Injection (2026.findings-acl)
Copied to clipboard
| Challenge: | Existing approaches to jailbreak rely on fixed template design and a single programming language . however, existing approaches do not consider language diversity or adaptive template evolution . |
| Approach: | They propose a structured jailbreak framework that explores and optimizes multi-language code templates. |
| Outcome: | The proposed framework outperforms existing jailbreak baselines and produces higher harmful outputs than baseline methods. |
Defensive Prompt Patch: A Robust and Generalizable Defense of Large Language Models against Jailbreak Attacks (2025.findings-acl)
Copied to clipboard
| Challenge: | Recent advances in large language models (LLMs) have showcased their ability to understand and generate text akin to human interaction. |
| Approach: | They propose a prompt-based defense mechanism specifically designed to protect LLMs against jailbreak attacks by introducing jailbreak prompts into malicious queries. |
| Outcome: | Empirical results show that the proposed defense outperforms existing defense strategies in balancing safety and utility while maintaining high utility. |
Code-Switching Red-Teaming: LLM Evaluation for Safety and Multilingual Understanding (2025.acl-long)
Copied to clipboard
| Challenge: | Recent large language models (LLMs) are inherently multilingual agents . concerns regarding their safety have emerged . |
| Approach: | They propose a framework to synthesize red-teaming queries and investigate their safety . they demonstrate that the framework outperforms existing red- teaming techniques . |
| Outcome: | The proposed framework outperforms existing red-teaming techniques in the safety domain . it generates code-switching attack prompts in monolingual data . |