Saved in:
Bibliographic Details
Main Authors: Zhang, Xiaoyun, Zhao, Zhengyue, Shi, Wenxuan, Xu, Kaidi, Huang, Di, Hu, Xing
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2406.16743
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866911316185186304
author Zhang, Xiaoyun
Zhao, Zhengyue
Shi, Wenxuan
Xu, Kaidi
Huang, Di
Hu, Xing
author_facet Zhang, Xiaoyun
Zhao, Zhengyue
Shi, Wenxuan
Xu, Kaidi
Huang, Di
Hu, Xing
contents With the widespread application of Large Language Models (LLMs), it has become a significant concern to ensure their safety and prevent harmful responses. While current safe-alignment methods based on instruction fine-tuning and Reinforcement Learning from Human Feedback (RLHF) can effectively reduce harmful responses from LLMs, they often require high-quality datasets and heavy computational overhead during model training. Another way to align language models is to modify the logit of tokens in model outputs without heavy training. Recent studies have shown that contrastive decoding can enhance the performance of language models by reducing the likelihood of confused tokens. However, these methods require the manual selection of contrastive models or instruction templates, limiting the degree of contrast. To this end, we propose Adversarial Contrastive Decoding (ACD), an optimization-based framework to generate two opposite soft system prompts, the Safeguarding Prompt (SP) and the Adversarial Prompt (AP), for prompt-based contrastive decoding. The SP aims to promote safer outputs while the AP aims to exploit the harmful parts of the model, providing a strong contrast to align the model with safety. ACD only needs to apply a lightweight prompt tuning on a rather small anchor dataset without training the target model. Experiments conducted on extensive models and benchmarks demonstrate that the proposed method achieves much better safety performance than previous model training-free decoding methods without sacrificing its original generation ability.
format Preprint
id arxiv_https___arxiv_org_abs_2406_16743
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Safety Alignment of Large Language Models via Contrasting Safe and Harmful Distributions
Zhang, Xiaoyun
Zhao, Zhengyue
Shi, Wenxuan
Xu, Kaidi
Huang, Di
Hu, Xing
Computation and Language
With the widespread application of Large Language Models (LLMs), it has become a significant concern to ensure their safety and prevent harmful responses. While current safe-alignment methods based on instruction fine-tuning and Reinforcement Learning from Human Feedback (RLHF) can effectively reduce harmful responses from LLMs, they often require high-quality datasets and heavy computational overhead during model training. Another way to align language models is to modify the logit of tokens in model outputs without heavy training. Recent studies have shown that contrastive decoding can enhance the performance of language models by reducing the likelihood of confused tokens. However, these methods require the manual selection of contrastive models or instruction templates, limiting the degree of contrast. To this end, we propose Adversarial Contrastive Decoding (ACD), an optimization-based framework to generate two opposite soft system prompts, the Safeguarding Prompt (SP) and the Adversarial Prompt (AP), for prompt-based contrastive decoding. The SP aims to promote safer outputs while the AP aims to exploit the harmful parts of the model, providing a strong contrast to align the model with safety. ACD only needs to apply a lightweight prompt tuning on a rather small anchor dataset without training the target model. Experiments conducted on extensive models and benchmarks demonstrate that the proposed method achieves much better safety performance than previous model training-free decoding methods without sacrificing its original generation ability.
title Safety Alignment of Large Language Models via Contrasting Safe and Harmful Distributions
topic Computation and Language
url https://arxiv.org/abs/2406.16743