Jailbreak Detection in Clinical Training LLMs Using Feature-Based Predictive Models
Authors:
Tri Nguyen,
Lohith Srikanth Pentapalli,
Magnus Sieverding,
Laurah Turner,
Seth Overla,
Weibing Zheng,
Chris Zhou,
David Furniss,
Danielle Weber,
Michael Gharib,
Matt Kelleher,
Michael Shukis,
Cameron Pawlik,
Kelly Cohen
Abstract:
Jailbreaking in Large Language Models (LLMs) threatens their safe use in sensitive domains like education by allowing users to bypass ethical safeguards. This study focuses on detecting jailbreaks in 2-Sigma, a clinical education platform that simulates patient interactions using LLMs. We annotated over 2,300 prompts across 158 conversations using four linguistic variables shown to correlate stron…
▽ More
Jailbreaking in Large Language Models (LLMs) threatens their safe use in sensitive domains like education by allowing users to bypass ethical safeguards. This study focuses on detecting jailbreaks in 2-Sigma, a clinical education platform that simulates patient interactions using LLMs. We annotated over 2,300 prompts across 158 conversations using four linguistic variables shown to correlate strongly with jailbreak behavior. The extracted features were used to train several predictive models, including Decision Trees, Fuzzy Logic-based classifiers, Boosting methods, and Logistic Regression. Results show that feature-based predictive models consistently outperformed Prompt Engineering, with the Fuzzy Decision Tree achieving the best overall performance. Our findings demonstrate that linguistic-feature-based models are effective and explainable alternatives for jailbreak detection. We suggest future work explore hybrid frameworks that integrate prompt-based flexibility with rule-based robustness for real-time, spectrum-based jailbreak monitoring in educational LLMs.
△ Less
Submitted 21 April, 2025;
originally announced May 2025.
