Abstract:Current adversarial robustness methods for large language models require extensive datasets of harmful prompts (thousands to hundreds of thousands of examples), yet remain vulnerable to novel attack vectors and distributional shifts. We propose Latent Personality Alignment (LPA), a sample-efficient defense that achieves robustness by training models on abstract personality traits rather than specific harmful behaviors. Using fewer than 100 trait statements and latent adversarial training, LPA achieves comparable attack success rates to methods trained on 150k+ examples, while maintaining superior utility. Critically, LPA generalizes better to unseen attack distributions, reducing misclassification rates by 2.6x compared to baseline across six harm benchmarks -- without ever seeing harmful examples during training. Our results demonstrate that personality-based alignment offers a principled approach to building robust defenses with minimal cost.
| Comments: | published at Trustworthy AI Workshop, ICLR 2026 |
| Subjects: | Artificial Intelligence (cs.AI) |
| ACM classes: | I.2.7 |
| Cite as: | arXiv:2605.08496 [cs.AI] |
| (or arXiv:2605.08496v1 [cs.AI] for this version) | |
| https://doi.org/10.48550/arXiv.2605.08496 arXiv-issued DOI via DataCite (pending registration) |
Submission history
From: David Williams-King [view email]
[v1]
Fri, 8 May 2026 21:21:59 UTC (667 KB)