Kavli Affiliate: Zheng Zhu
| First 5 Authors: Xiuyuan Chen, Xiuyuan Chen, , ,
| Summary:
Existing safety evaluation methods for large language models (LLMs) suffer
from inherent limitations, including evaluator bias and detection failures
arising from model homogeneity, which collectively undermine the robustness of
risk evaluation processes. This paper seeks to re-examine the risk evaluation
paradigm by introducing a theoretical framework that reconstructs the
underlying risk concept space. Specifically, we decompose the latent risk
concept space into three mutually exclusive subspaces: the explicit risk
subspace (encompassing direct violations of safety guidelines), the implicit
risk subspace (capturing potential malicious content that requires contextual
reasoning for identification), and the non-risk subspace. Furthermore, we
propose RADAR, a multi-agent collaborative evaluation framework that leverages
multi-round debate mechanisms through four specialized complementary roles and
employs dynamic update mechanisms to achieve self-evolution of risk concept
distributions. This approach enables comprehensive coverage of both explicit
and implicit risks while mitigating evaluator bias. To validate the
effectiveness of our framework, we construct an evaluation dataset comprising
800 challenging cases. Extensive experiments on our challenging testset and
public benchmarks demonstrate that RADAR significantly outperforms baseline
evaluation methods across multiple dimensions, including accuracy, stability,
and self-evaluation risk sensitivity. Notably, RADAR achieves a 28.87%
improvement in risk identification accuracy compared to the strongest baseline
evaluation method.
| Search Query: ArXiv Query: search_query=au:”Zheng Zhu”&id_list=&start=0&max_results=3