Break the Breakout: Reinventing LM Defense Against Jailbreak Attacks with Self-Refinement

arXiv:2402.15180v1 Announce Type: cross
Abstract: Caution: This paper includes offensive words that could potentially cause unpleasantness. Language models (LMs) are vulnerable to exploitation for adversarial misuse. Training LMs for safety alignment is extensive and makes it hard to respond to fast-developing attacks immediately, such as jailbreaks. We propose self-refine with formatting that achieves outstanding safety even in non-safety-aligned LMs and evaluate our method alongside several defense baselines, demonstrating that it is the safest training-free method against jailbreak attacks. Additionally, we …

adversarial alignment arxiv attacks cs.cl cs.cr cs.lg defense exploitation fast hard jailbreak language language models lms offensive refine respond safety training vulnerable