Abstract:Large Language Models (LLMs) pose a significant risk of safety misalignment after finetuning, as models can be compromised by both explicitly and implicitly harmful data. Even some seemingly benign data can inadvertently steer a model towards misaligned behaviors. To address this, we introduce GradShield, a principled filtering method that safeguards LLMs during finetuning by identifying and removing harmful data points before they corrupt the model's alignment. It removes potentially harmful data by computing a Finetuning Implicit Harmfulness Score (FIHS) for each data point and employs an adaptive thresholding algorithm. We apply GradShield to multiple utility fine-tuning tasks across varying levels of harmful data and evaluate the safety and utility performance of the resulting LLMs using various metrics. The results show that GradShield outperforms all baseline methods, consistently maintaining an Attack Success Rate (ASR) below $6\%$ while preserving utility performance.
| Subjects: | Computation and Language (cs.CL) |
| Cite as: | arXiv:2605.14194 [cs.CL] |
| (or arXiv:2605.14194v1 [cs.CL] for this version) | |
| https://doi.org/10.48550/arXiv.2605.14194 arXiv-issued DOI via DataCite (pending registration) |
Submission history
From: Zhanhao Hu [view email]
[v1]
Wed, 13 May 2026 23:19:55 UTC (790 KB)