Diversity Seeking Techniques for Red-Teaming Large Language Models

Seokhan Lee; Bonhwa Ku; Hanseok Ko

doi:10.1109/ICASSP49660.2025.10890844

Diversity Seeking Techniques for Red-Teaming Large Language Models

Seokhan Lee
, Bonhwa Ku
, Hanseok Ko

School of Electrical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this paper, we present new techniques for increasing the diversity of red-teaming prompts generated by automated machine learning-based methods, thereby enabling the discovery of more vulnerabilities in large language models. Using reinforcement learning to train models to output effective prompts for this task results in the models converging deterministically to a single output. Our first technique, which we term Defender, acts by blocking the reward signal for prompts that have already been discovered, thus making what was a stationary problem into a non-stationary problem that compels the reward maximizing algorithm to continually seek new prompts. Our second technique, Teamplay, trains two prompt generation models in tandem and adds the KL divergence between them to the reward in order to make them search in disparate regions of the space of prompts. Our techniques are shown experimentally to increase the effectiveness and diversity of prompts generated by existing reinforcement learning baselines.

Original language	English
Title of host publication	2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Proceedings
Editors	Bhaskar D Rao, Isabel Trancoso, Gaurav Sharma, Neelesh B. Mehta
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9798350368741
DOIs	https://doi.org/10.1109/ICASSP49660.2025.10890844
Publication status	Published - 2025
Event	2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Hyderabad, India Duration: 2025 Apr 6 → 2025 Apr 11

Publication series

Name	ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings
ISSN (Print)	1520-6149

Conference

Conference	2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025
Country/Territory	India
City	Hyderabad
Period	25/4/6 → 25/4/11

Bibliographical note

Publisher Copyright:
© 2025 IEEE.

Keywords

AI safety
large language models
red-teaming
reinforcement learning
toxicity

ASJC Scopus subject areas

Software
Signal Processing
Electrical and Electronic Engineering

Access to Document

10.1109/ICASSP49660.2025.10890844

Cite this

Lee, S., Ku, B., & Ko, H. (2025). Diversity Seeking Techniques for Red-Teaming Large Language Models. In B. D. Rao, I. Trancoso, G. Sharma, & N. B. Mehta (Eds.), 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Proceedings (ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICASSP49660.2025.10890844

Diversity Seeking Techniques for Red-Teaming Large Language Models. / Lee, Seokhan; Ku, Bonhwa; Ko, Hanseok.
2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Proceedings. ed. / Bhaskar D Rao; Isabel Trancoso; Gaurav Sharma; Neelesh B. Mehta. Institute of Electrical and Electronics Engineers Inc., 2025. (ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lee, S, Ku, B & Ko, H 2025, Diversity Seeking Techniques for Red-Teaming Large Language Models. in BD Rao, I Trancoso, G Sharma & NB Mehta (eds), 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Proceedings. ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings, Institute of Electrical and Electronics Engineers Inc., 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025, Hyderabad, India, 25/4/6. https://doi.org/10.1109/ICASSP49660.2025.10890844

Lee S, Ku B, Ko H. Diversity Seeking Techniques for Red-Teaming Large Language Models. In Rao BD, Trancoso I, Sharma G, Mehta NB, editors, 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Proceedings. Institute of Electrical and Electronics Engineers Inc. 2025. (ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings). doi: 10.1109/ICASSP49660.2025.10890844

Lee, Seokhan ; Ku, Bonhwa ; Ko, Hanseok. / Diversity Seeking Techniques for Red-Teaming Large Language Models. 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Proceedings. editor / Bhaskar D Rao ; Isabel Trancoso ; Gaurav Sharma ; Neelesh B. Mehta. Institute of Electrical and Electronics Engineers Inc., 2025. (ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings).

@inproceedings{bf076a1b19db4fa9ab826563b0fde856,

title = "Diversity Seeking Techniques for Red-Teaming Large Language Models",

abstract = "In this paper, we present new techniques for increasing the diversity of red-teaming prompts generated by automated machine learning-based methods, thereby enabling the discovery of more vulnerabilities in large language models. Using reinforcement learning to train models to output effective prompts for this task results in the models converging deterministically to a single output. Our first technique, which we term Defender, acts by blocking the reward signal for prompts that have already been discovered, thus making what was a stationary problem into a non-stationary problem that compels the reward maximizing algorithm to continually seek new prompts. Our second technique, Teamplay, trains two prompt generation models in tandem and adds the KL divergence between them to the reward in order to make them search in disparate regions of the space of prompts. Our techniques are shown experimentally to increase the effectiveness and diversity of prompts generated by existing reinforcement learning baselines.",

keywords = "AI safety, large language models, red-teaming, reinforcement learning, toxicity",

author = "Seokhan Lee and Bonhwa Ku and Hanseok Ko",

note = "Publisher Copyright: {\textcopyright} 2025 IEEE.; 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 ; Conference date: 06-04-2025 Through 11-04-2025",

year = "2025",

doi = "10.1109/ICASSP49660.2025.10890844",

language = "English",

series = "ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

editor = "Rao, \{Bhaskar D\} and Isabel Trancoso and Gaurav Sharma and Mehta, \{Neelesh B.\}",

booktitle = "2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Proceedings",

}

TY - GEN

T1 - Diversity Seeking Techniques for Red-Teaming Large Language Models

AU - Lee, Seokhan

AU - Ku, Bonhwa

AU - Ko, Hanseok

PY - 2025

Y1 - 2025

N2 - In this paper, we present new techniques for increasing the diversity of red-teaming prompts generated by automated machine learning-based methods, thereby enabling the discovery of more vulnerabilities in large language models. Using reinforcement learning to train models to output effective prompts for this task results in the models converging deterministically to a single output. Our first technique, which we term Defender, acts by blocking the reward signal for prompts that have already been discovered, thus making what was a stationary problem into a non-stationary problem that compels the reward maximizing algorithm to continually seek new prompts. Our second technique, Teamplay, trains two prompt generation models in tandem and adds the KL divergence between them to the reward in order to make them search in disparate regions of the space of prompts. Our techniques are shown experimentally to increase the effectiveness and diversity of prompts generated by existing reinforcement learning baselines.

AB - In this paper, we present new techniques for increasing the diversity of red-teaming prompts generated by automated machine learning-based methods, thereby enabling the discovery of more vulnerabilities in large language models. Using reinforcement learning to train models to output effective prompts for this task results in the models converging deterministically to a single output. Our first technique, which we term Defender, acts by blocking the reward signal for prompts that have already been discovered, thus making what was a stationary problem into a non-stationary problem that compels the reward maximizing algorithm to continually seek new prompts. Our second technique, Teamplay, trains two prompt generation models in tandem and adds the KL divergence between them to the reward in order to make them search in disparate regions of the space of prompts. Our techniques are shown experimentally to increase the effectiveness and diversity of prompts generated by existing reinforcement learning baselines.

KW - AI safety

KW - large language models

KW - red-teaming

KW - reinforcement learning

KW - toxicity

UR - https://www.scopus.com/pages/publications/105003886058

U2 - 10.1109/ICASSP49660.2025.10890844

DO - 10.1109/ICASSP49660.2025.10890844

M3 - Conference contribution

AN - SCOPUS:105003886058

T3 - ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings

BT - 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025 - Proceedings

A2 - Rao, Bhaskar D

A2 - Trancoso, Isabel

A2 - Sharma, Gaurav

A2 - Mehta, Neelesh B.

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2025 IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2025

Y2 - 6 April 2025 through 11 April 2025

ER -

Diversity Seeking Techniques for Red-Teaming Large Language Models

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this