Resolving the Security-Auditability Dilemma with Auditable Latent Chain-of-Thought Alignment (2026.acl-long)
Copied to clipboard
| Challenge: | Extensive experiments show that ALCA reduces the success rate of adaptive jailbreak attacks by over 40% compared to strong baselines, while preserving performance. |
| Approach: | They propose a framework that decouples internal reasoning from external output and allows the model to reconstruct its latent reasoning into human-readable text for supervision under specific guidance. |
| Outcome: | The proposed framework reduces the success rate of adaptive jailbreak attacks by over 40% compared to baselines while preserving performance. |
Similar Papers
More Thinking, Less Talking: Internalizing Deliberative Safety into LLM Parameters (2026.acl-long)
Copied to clipboard
| Challenge: | Existing safety alignment methods leave Large Language Models vulnerable to sophisticated jailbreak attacks. |
| Approach: | They propose a safety reasoning internalization framework that internalizes safety reasoning into an implicit computational pathway using Low-Rank Adaptation (LoRA). |
| Outcome: | The proposed framework achieves a 43% lower Attack Success Rate (ASR) against distinct jailbreak attacks compared to strong baselines. |
Unlocking the Black Box of Latent Reasoning: An Interpretability-Guided Approach to Intervention (2026.acl-long)
Copied to clipboard
| Challenge: | Existing methods for large language models (LLMs) lack a coherent representation of reasoning steps. |
| Approach: | They propose a set of latent reasoning interventions that enable latent thinking and decode-time interventions that refine the latent process by imposing the identified geometric and semantic priors. |
| Outcome: | The proposed models unlock latent capabilities and improve reasoning accuracy without any parameter updates. |
Thinking Twice Makes Large Language Models Safer and More Helpful (2026.findings-acl)
Copied to clipboard
| Challenge: | Existing safety alignment techniques for large language models (LLMs) struggle to balance harmlessness and usefulness. |
| Approach: | They propose a safety-aware reflection-based reasoning framework that internalizes self-reflective reasoning and encourages reflection and correction. |
| Outcome: | The proposed framework outperforms reasoning-based alignment methods in safety alignment. |
Explainable Chain-of-Thought Reasoning: An Empirical Analysis on State-Aware Reasoning Dynamics (2025.findings-emnlp)
Copied to clipboard
Sheldon Yu, Yuxin Xiong, Junda Wu, Xintong Li, Tong Yu, Xiang Chen, Ritwik Sinha, Jingbo Shang, Julian McAuley
| Challenge: | Recent advances in chain-of-thought prompting have demonstrated the ability of large language models to perform multi-step reasoning. |
| Approach: | They propose a framework to analyze latent dynamics of CoT trajectories for interpretability . they segment generated CoT into discrete reasoning steps and abstract each step into a spectral embedding based on token-level Gram matrices . |
| Outcome: | The proposed framework segments generated CoT steps into discrete reasoning steps, abstracts each step into a spectral embedding based on token-level Gram matrices, and clusters these embeddements into semantically meaningful latent states. |
SeLaR: Selective Latent Reasoning in Large Language Models (2026.acl-long)
Copied to clipboard
| Challenge: | Recent latent reasoning approaches replace discrete tokens with soft embeddings or hidden states, but they often suffer from two issues: (1) global activation injects perturbations into high-confidence steps, impairing reasoning stability; and (2) soft embeds quickly collapse toward the highest-probability token, limiting exploration of alternative trajectories. |
| Approach: | They propose a lightweight and training-free framework that replaces discrete tokens with soft embeddings or hidden states to address these challenges. |
| Outcome: | Experiments on five reasoning benchmarks show that SeLaR outperforms standard CoT and state-of-the-art training-free methods. |
Beyond Surface Alignment: Rebuilding LLMs Safety Mechanism via Probabilistically Ablating Refusal Direction (2025.findings-emnlp)
Copied to clipboard
| Challenge: | Jailbreak attacks pose persistent threats to large language models . current safety alignment methods have insufficient safety alignment depth and unrobust internal defense mechanisms. |
| Approach: | a new safety alignment framework is developed to overcome jailbreak attacks . the framework forces the model to dynamically rebuild its refusal mechanisms from jailbreak states . |
| Outcome: | a new safety alignment framework reduces attack success rates by approximately 95% on four open-source LLM families and six representative attacks. |
Towards Safety Reasoning in LLMs: AI-agentic Deliberation for Policy-embedded CoT Data Creation (2025.findings-acl)
Copied to clipboard
Tharindu Kumarage, Ninareh Mehrabi, Anil Ramakrishna, Xinyan Zhao, Richard Zemel, Kai-Wei Chang, Aram Galstyan, Rahul Gupta, Charith Peris
| Challenge: | Safety reasoning paradigms require high-quality policy-embedded chain-of-thought datasets . generating such data through human annotations is prohibitively expensive . |
| Approach: | They propose AIDSAFE: Agentic Iterative Deliberation for Safety Reasoning . AIDS AFE leverages multi-agent deliberation to iteratively expand reasoning on safety policies . |
| Outcome: | The proposed model improves policy adherence and reasoning quality while maintaining acceptable utility and over-refusal accuracy. |
Critical-CoT: A Robust Defense Framework against Reasoning-Level Backdoor Attacks in Large Language Models (2026.acl-long)
Copied to clipboard
| Challenge: | Large Language Models (LLMs) are vulnerable to backdoors that use long-form reasoning to generate a specific word, choice, or class. |
| Approach: | They propose a mechanism that allows LLMs to develop critical thinking behaviors and detect backdoors by a two-stage fine-tuning. |
| Outcome: | The proposed mechanism exhibits strong cross-domain and cross-task generalization. |
Between a Rock and a Hard Place: The Tension Between Ethical Reasoning and Safety Alignment in LLMs (2026.acl-long)
Copied to clipboard
| Challenge: | Large Language Models (LLMs) safety alignment predominantly operates on a binary assumption that requests are either safe or unsafe. |
| Approach: | They propose a methodology that embeds harmful requests within ethical framings to exploit this vulnerability. |
| Outcome: | The proposed framework achieves high success rates by exploiting model's own ethical reasoning to frame harmful actions as morally necessary compromises. |
SafeChain: Safety of Language Models with Long Chain-of-Thought Reasoning Capabilities (2025.findings-acl)
Copied to clipboard
Fengqing Jiang, Zhangchen Xu, Yuetai Li, Luyao Niu, Zhen Xiang, Bo Li, Bill Yuchen Lin, Radha Poovendran
| Challenge: | Emerging large reasoning models (LRMs) leverage long chain-of-thought (CoT) reasoning to enhance their reasoning capabilities. |
| Approach: | They conduct a systematic study of LRM safety using human annotations to assess their safety. |
| Outcome: | The proposed safety measures are compared to state-of-the-art models on strong and wildjailbreak datasets. |