Multilingual Collaborative Defense for Large Language Models (2025.findings-emnlp)

Copied to clipboard

Challenge: Existing safeguards for Large Language Models are vulnerable to "jailbreaking" harmful queries.
Approach: They propose a learning method that optimizes a continuous soft safety prompt automatically to facilitate multilingual safeguarding of LLMs.
Outcome: The proposed method outperforms previous approaches in multilingual jailbreak defense while exhibiting strong cross-lingual generalization.

Similar Papers

English as Defense Proxy: Mitigating Multilingual Jailbreak via Eliciting English Safety Knowledge (2025.findings-emnlp)

Copied to clipboard

Challenge: Large language models excel in many tasks, but their safety guarantees vary by language.
Approach: They propose a unified approach that leverages English as a universal safety anchor.
Outcome: The proposed approach leverages English as defense proxy (E-Proxy) to transfer safety knowledge across languages.
The Language Barrier: Dissecting Safety Challenges of LLMs in Multilingual Contexts (2024.findings-acl)

Copied to clipboard

Challenge: Recent studies show that malicious prompt instructions could solicit objectionable content from LLMs.
Approach: They compare how state-of-the-art LLMs respond to malicious prompts in different languages . they find that LLM's generate unsafe responses more often when a prompt is written in a lower-resource language .
Outcome: The proposed model can generate unsafe responses more often when a malicious prompt is written in a lower-resource language, and less irrelevant responses when written in lower-source languages.
MrGuard: A Multilingual Reasoning Guardrail for Universal LLM Safety (2025.emnlp-main)

Copied to clipboard

Challenge: Large Language Models (LLMs) are susceptible to adversarial attacks such as jailbreaking, which can elicit harmful or unsafe behaviors.
Approach: They propose a multilingual guardrail with reasoning for prompt classification that integrates culturally and linguistically nuanced variants and supervised fine-tuning.
Outcome: The proposed guardrail outperforms baselines across in-domain and out-of-domain languages by more than 15%.
Dynamic Guided and Domain Applicable Safeguards for Enhanced Security in Large Language Models (2025.findings-naacl)

Copied to clipboard

Challenge: Existing defense methods struggle with two key issues: inadequate defense capabilities and over-defensiveness.
Approach: They propose a multi-agents-based framework that leverages accurate external information to provide an unbiased summary of user intentions and safety response guidance.
Outcome: Experiments on popular jailbreak attacks and benign datasets show that the proposed framework can enhance LLM's robustness against jailbreaks without compromising its general functionality.
Towards Understanding the Fragility of Multilingual LLMs against Fine-Tuning Attacks (2025.findings-naacl)

Copied to clipboard

Challenge: Recent advances in Large Language Models have sparked concerns about their safety.
Approach: They propose a method to identify safety-related information in the model parameter space . they propose to use a few adversarially chosen examples to fine-tune LLMs .
Outcome: The proposed method can break safety alignment in multilingual LLMs using a few examples . it also shows that the proposed method jailbreaks LLM models adapted to new languages .
Multilingual Blending: Large Language Model Safety Alignment Evaluation with Language Mixture (2025.findings-naacl)

Copied to clipboard

Challenge: a range of representative Large Language Models have exhibited remarkable generalization capabilities across numerous downstream tasks.
Approach: They propose a query-response scheme to evaluate the safety alignment of LLMs . they found that multilingual query-responding significantly amplifies the detriment of malicious queries .
Outcome: The proposed scheme improves the safety alignment of state-of-the-art LLMs under multilingual conditions.
All Languages Matter: On the Multilingual Safety of LLMs (2024.findings-acl)

Copied to clipboard

Challenge: Existing safety benchmarks only concern the safety in one language, e.g. the majority language in the pretraining data such as English.
Approach: They propose a prompting method to improve multilingual safety of ChatGPT by enhancing cross-lingual generalization of safety alignment.
Outcome: The proposed method can significantly reduce the ratio of unsafe responses by 42% for non-English queries.
MultiCodeAttack: Iterative Jailbreak Attacking on LLMs with Multi-Code Prompt Injection (2026.findings-acl)

Copied to clipboard

Challenge: Existing approaches to jailbreak rely on fixed template design and a single programming language . however, existing approaches do not consider language diversity or adaptive template evolution .
Approach: They propose a structured jailbreak framework that explores and optimizes multi-language code templates.
Outcome: The proposed framework outperforms existing jailbreak baselines and produces higher harmful outputs than baseline methods.
Defensive Prompt Patch: A Robust and Generalizable Defense of Large Language Models against Jailbreak Attacks (2025.findings-acl)

Copied to clipboard

Challenge: Recent advances in large language models (LLMs) have showcased their ability to understand and generate text akin to human interaction.
Approach: They propose a prompt-based defense mechanism specifically designed to protect LLMs against jailbreak attacks by introducing jailbreak prompts into malicious queries.
Outcome: Empirical results show that the proposed defense outperforms existing defense strategies in balancing safety and utility while maintaining high utility.
Code-Switching Red-Teaming: LLM Evaluation for Safety and Multilingual Understanding (2025.acl-long)

Copied to clipboard

Challenge: Recent large language models (LLMs) are inherently multilingual agents . concerns regarding their safety have emerged .
Approach: They propose a framework to synthesize red-teaming queries and investigate their safety . they demonstrate that the framework outperforms existing red- teaming techniques .
Outcome: The proposed framework outperforms existing red-teaming techniques in the safety domain . it generates code-switching attack prompts in monolingual data .

What is GenGO?

GenGO is an NLP powered publication search system. It currenctly indexes 30k+ papers from ACL Anthology, and implements multi-aspect summarization, semantic search, and more!

Information

About
Limitations