Search papers, labs, and topics across Lattice.
The paper introduces SaFer Chain-of-Thought (SFCoT), a framework that proactively evaluates and calibrates the safety of intermediate reasoning steps in LLMs to defend against jailbreak attacks. SFCoT uses a three-tier safety scoring system and multi-perspective consistency verification to detect risks during reasoning. Experiments show SFCoT significantly reduces attack success rates (from 58.97% to 12.31%) without substantially impacting general performance.
LLM jailbreaks can be thwarted by actively monitoring and correcting unsafe reasoning steps *during* chain-of-thought, not just at the final output.
Large language models (LLMs) have demonstrated remarkable capabilities in complex reasoning tasks. However, they remain highly susceptible to jailbreak attacks that undermine their safety alignment. Existing defense mechanisms typically rely on post hoc filtering applied only to the final output, leaving intermediate reasoning steps unmonitored and vulnerable to adversarial manipulation. To address this gap, this paper proposes a SaFer Chain-of-Thought (SFCoT) framework, which proactively evaluates and calibrates potentially unsafe reasoning steps in real time. SFCoT incorporates a three-tier safety scoring system alongside a multi-perspective consistency verification mechanism, designed to detect potential risks throughout the reasoning process. A dynamic intervention module subsequently performs targeted calibration to redirect reasoning trajectories toward safe outcomes. Experimental results demonstrate that SFCoT reduces the attack success rate from $58.97\%$ to $12.31\%$, demonstrating it as an effective and efficient LLM safety enhancement method without a significant decline in general performance.
