Large Language Models (LLMs) have significantly advanced natural language processing (NLP) tasks but also pose ethical and societal risks due to their propensity to generate harmful content. To address this, various approaches have been developed to safeguard LLMs from producing unsafe content. However, existing methods have limitations, including the need to train specific control models and proactive intervention during text generation, which lead to quality degradation and increased computational overhead. To mitigate those limitations, we propose LLMSafeGuard, a lightweight framework to safeguard LLM text generation in real time. LLMSafeGuard integrates an external validator into the beam search algorithm during decoding, rejecting candidates that violate safety constraints while allowing valid ones to proceed. We introduce a similarity-based validation approach, simplifying constraint introduction and eliminating the need for control model training. Additionally, LLMSafeGuard employs a context-wise timing selection strategy, intervening in LLM generation only when necessary. We evaluate LLMSafeGuard on two tasks, detoxification and copyright safeguarding, and demonstrate its superior performance over SOTA baselines. For instance, LLMSafeGuard reduces the average toxic score of LLM output by 29.7% compared to the best baseline while preserving linguistic quality similar to natural output in the detoxification task. Similarly, in the copyright task, LLMSafeGuard decreases the Longest Common Subsequence (LCS) by 56.2% compared to baselines. Moreover, our context-wise timing selection strategy reduces inference time by at least 24% while maintaining effectiveness comparable to validating at each time step. LLMSafeGuard also offers tunable parameters to balance its effectiveness and efficiency.
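The decoding loop described in the abstract, as an added sketch that is not the authors' implementation: an external validator filters beam-search candidates by similarity to demonstration examples, and validation runs only at selected steps. The toy model table, the bag-of-words cosine (standing in for an embedding model), the 0.8 threshold and the interval-doubling timing rule are all assumptions made for illustration.

```python
import math
from collections import Counter

# Constructed toy "LLM": next-token log-probabilities keyed by the last token.
TOY_LM = {
    "<s>": [("you", -0.1), ("we", -2.5)],
    "you": [("are", -0.1)],
    "we": [("are", -0.1)],
    "are": [("stupid", -0.2), ("kind", -1.8)],
    "stupid": [("idiots", -0.1), ("today", -2.5)],
    "kind": [("people", -0.3)],
}
# Constructed demonstration examples of text that violates the constraint.
UNSAFE_EXAMPLES = ["you are stupid idiots", "stupid idiots everywhere"]

def cosine(a, b):
    """Bag-of-words cosine similarity (assumed stand-in for an embedding model)."""
    ca, cb = Counter(a.split()), Counter(b.split())
    dot = sum(ca[w] * cb[w] for w in ca)
    na = math.sqrt(sum(v * v for v in ca.values()))
    nb = math.sqrt(sum(v * v for v in cb.values()))
    return dot / (na * nb) if na and nb else 0.0

def is_valid(tokens, threshold):
    """External validator: reject text too similar to any unsafe example."""
    text = " ".join(tokens)
    return max(cosine(text, ex) for ex in UNSAFE_EXAMPLES) < threshold

def guarded_beam_search(steps=4, beam_width=2, threshold=0.8, max_interval=4):
    """Return (best text, number of steps at which the validator ran)."""
    beams = [(0.0, ["<s>"])]
    interval, next_check, validations = 1, 1, 0
    for step in range(1, steps + 1):
        cands = [(s + lp, toks + [t]) for s, toks in beams
                 for t, lp in TOY_LM.get(toks[-1], [])]
        if step >= next_check:  # validate only at selected time steps
            validations += 1
            kept = [c for c in cands if is_valid(c[1][1:], threshold)]
            # Assumed timing rule: check every step after a rejection,
            # otherwise double the gap up to max_interval.
            interval = 1 if len(kept) < len(cands) else min(interval * 2, max_interval)
            next_check = step + interval
            cands = kept
        if not cands:  # nothing survived: keep the previous beams
            break
        beams = sorted(cands, key=lambda c: c[0], reverse=True)[:beam_width]
    return " ".join(beams[0][1][1:]), validations
```

With the defaults the search returns the same safe output as validating at every step (`max_interval=1`) while running the validator at three steps instead of four; a threshold above 1.0 disables rejection and lets the highest-probability toxic continuation through.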