Saved in:
Bibliographic Details
Main Authors: Wu, Jiaqi, Chen, Chen, Hou, Chunyan, Yuan, Xiaojie
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2502.15594
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918031321464832
author Wu, Jiaqi
Chen, Chen
Hou, Chunyan
Yuan, Xiaojie
author_facet Wu, Jiaqi
Chen, Chen
Hou, Chunyan
Yuan, Xiaojie
contents With the widespread real-world deployment of large language models (LLMs), ensuring their behavior complies with safety standards has become crucial. Jailbreak attacks exploit vulnerabilities in LLMs to induce undesirable behavior, posing a significant threat to LLM safety. Previous defenses often fail to achieve both effectiveness and efficiency simultaneously. Defenses from a representation perspective offer new insights, but existing interventions cannot dynamically adjust representations based on the harmfulness of the queries. To address this limitation, we propose SafeIntervention (SafeInt), a novel defense method that shields LLMs from jailbreak attacks through safety-aware representation intervention. Built on our analysis of the representations of jailbreak samples, the core idea of SafeInt is to relocate jailbreak-related representations into the rejection region. This is achieved by intervening in the representation distributions of jailbreak samples to align them with those of unsafe samples. We conduct comprehensive experiments covering six jailbreak attacks, two jailbreak datasets, and two utility benchmarks. Experimental results demonstrate that SafeInt outperforms all baselines in defending LLMs against jailbreak attacks while largely maintaining utility. Additionally, we evaluate SafeInt against adaptive attacks and verify its effectiveness in mitigating real-time attacks.
format Preprint
id arxiv_https___arxiv_org_abs_2502_15594
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle SafeInt: Shielding Large Language Models from Jailbreak Attacks via Safety-Aware Representation Intervention
Wu, Jiaqi
Chen, Chen
Hou, Chunyan
Yuan, Xiaojie
Computation and Language
With the widespread real-world deployment of large language models (LLMs), ensuring their behavior complies with safety standards has become crucial. Jailbreak attacks exploit vulnerabilities in LLMs to induce undesirable behavior, posing a significant threat to LLM safety. Previous defenses often fail to achieve both effectiveness and efficiency simultaneously. Defenses from a representation perspective offer new insights, but existing interventions cannot dynamically adjust representations based on the harmfulness of the queries. To address this limitation, we propose SafeIntervention (SafeInt), a novel defense method that shields LLMs from jailbreak attacks through safety-aware representation intervention. Built on our analysis of the representations of jailbreak samples, the core idea of SafeInt is to relocate jailbreak-related representations into the rejection region. This is achieved by intervening in the representation distributions of jailbreak samples to align them with those of unsafe samples. We conduct comprehensive experiments covering six jailbreak attacks, two jailbreak datasets, and two utility benchmarks. Experimental results demonstrate that SafeInt outperforms all baselines in defending LLMs against jailbreak attacks while largely maintaining utility. Additionally, we evaluate SafeInt against adaptive attacks and verify its effectiveness in mitigating real-time attacks.
title SafeInt: Shielding Large Language Models from Jailbreak Attacks via Safety-Aware Representation Intervention
topic Computation and Language
url https://arxiv.org/abs/2502.15594