TL;DR
This paper investigates why post-training reduces LLM safety and introduces SafeReAct, a lightweight method to restore safety mechanisms without harming reasoning abilities.
Contribution
The paper reveals that post-training masks safety features in LLMs and proposes SafeReAct to reactivate these safety mechanisms efficiently.
Findings
SafeReAct significantly improves safety on harmful prompts.
The method does not compromise reasoning performance.
Safety mechanisms still exist in post-trained LRMs.
Abstract
Despite the impressive performance of general-purpose large language models (LLMs), they often require fine-tuning or post-training to excel at specific tasks. For instance, large reasoning models (LRMs), such as the DeepSeek-R1 series, demonstrate strong reasoning capabilities after post-training different general large language models on diverse chain-of-thought (CoT) datasets. However, this additional training frequently comes at the cost of reduced safety, as the fine-tuned or post-trained models tend to exhibit more harmful behaviors compared with the regular LLMs before post-training or fine-tuning, potentially leading to harmful outcomes due to their enhanced capabilities. Taking LRMs as an example, we first investigate the underlying cause of this safety degradation in this paper. Our analysis reveals that post-training can mask the original safety mechanisms of the base LLM,…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
