English

Improved Large Language Model Jailbreak Detection via Pretrained Embeddings

Cryptography and Security 2024-12-03 v1 Artificial Intelligence Machine Learning

Abstract

The adoption of large language models (LLMs) in many applications, from customer service chat bots and software development assistants to more capable agentic systems necessitates research into how to secure these systems. Attacks like prompt injection and jailbreaking attempt to elicit responses and actions from these models that are not compliant with the safety, privacy, or content policies of organizations using the model in their application. In order to counter abuse of LLMs for generating potentially harmful replies or taking undesirable actions, LLM owners must apply safeguards during training and integrate additional tools to block the LLM from generating text that abuses the model. Jailbreaking prompts play a vital role in convincing an LLM to generate potentially harmful content, making it important to identify jailbreaking attempts to block any further steps. In this work, we propose a novel approach to detect jailbreak prompts based on pairing text embeddings well-suited for retrieval with traditional machine learning classification algorithms. Our approach outperforms all publicly available methods from open source LLM security applications.

Keywords

Cite

@article{arxiv.2412.01547,
  title  = {Improved Large Language Model Jailbreak Detection via Pretrained Embeddings},
  author = {Erick Galinkin and Martin Sablotny},
  journal= {arXiv preprint arXiv:2412.01547},
  year   = {2024}
}

Comments

Submitted to AICS 2025: https://aics.site

R2 v1 2026-06-28T20:19:48.579Z