English

Re-Triggering Safeguards within LLMs for Jailbreak Detection

Cryptography and Security 2026-05-12 v1 Artificial Intelligence

Abstract

This paper proposes a jailbreaking prompt detection method for large language models (LLMs) to defend against jailbreak attacks. Although recent LLMs are equipped with built-in safeguards, it remains possible to craft jailbreaking prompts that bypass them. We argue that such jailbreaking prompts are inherently fragile, and thus introduce an embedding disruption method to re-activate the safeguards within LLMs. Unlike previous defense methods that aim to serve as standalone solutions, our approach instead cooperates with the LLM's internal defense mechanisms by re-triggering them. Moreover, through extensive analysis, we gain a comprehensive understanding of the disruption effects and develop an efficient search algorithm to identify appropriate disruptions for effective jailbreak detection. Extensive experiments demonstrate that our approach effectively defends against state-of-the-art jailbreak attacks in white-box and black-box settings, and remains robust even against adaptive attacks.

Keywords

Cite

@article{arxiv.2605.10611,
  title  = {Re-Triggering Safeguards within LLMs for Jailbreak Detection},
  author = {Zheng Lin and Zhenxing Niu and Haoxuan Ji and Yuzhe Huang and Haichang Gao},
  journal= {arXiv preprint arXiv:2605.10611},
  year   = {2026}
}