init commit
Browse files
README.md
CHANGED
|
@@ -1,3 +1,64 @@
|
|
| 1 |
---
|
| 2 |
license: apache-2.0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 3 |
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
---
|
| 2 |
license: apache-2.0
|
| 3 |
+
language:
|
| 4 |
+
- en
|
| 5 |
+
tags:
|
| 6 |
+
- Safety
|
| 7 |
+
- Defense
|
| 8 |
+
- Jailbreak
|
| 9 |
+
- Multi-turn
|
| 10 |
+
- Harmful
|
| 11 |
+
- Benign
|
| 12 |
+
pretty_name: MTID
|
| 13 |
+
size_categories:
|
| 14 |
+
- 10K<n<100K
|
| 15 |
+
base_model:
|
| 16 |
+
- Qwen/Qwen3-4B-Instruct-2507
|
| 17 |
+
datasets:
|
| 18 |
+
- Graph-COM/MTID
|
| 19 |
---
|
| 20 |
+
# TurnGate: Response-Aware Defense Against Hidden Malicious Intent in Multi-Turn Dialogue
|
| 21 |
+
|
| 22 |
+
<a href="https://arxiv.org/abs/2605.05630" target="_blank">
|
| 23 |
+
<img alt="arXiv" src="https://img.shields.io/badge/arXiv-TurnGate-red?logo=arxiv&style=for-the-badge" />
|
| 24 |
+
</a>
|
| 25 |
+
<a href="https://turn-gate.github.io" target="_blank">
|
| 26 |
+
<img alt="Website" src="https://img.shields.io/badge/🌎_Homepage-blue.svg?style=for-the-badge" />
|
| 27 |
+
</a>
|
| 28 |
+
<a href="https://github.com/Graph-COM/TurnGate" target="_blank">
|
| 29 |
+
<img alt="GitHub code" src="https://img.shields.io/badge/💻_Code_GitHub-black.svg?style=for-the-badge" />
|
| 30 |
+
</a>
|
| 31 |
+
<a href="#cite" target="_blank">
|
| 32 |
+
<img alt="Cite" src="https://img.shields.io/badge/📖_Cite!-lightgrey?style=for-the-badge" />
|
| 33 |
+
</a>
|
| 34 |
+
<a href="https://www.python.org/" target="_blank">
|
| 35 |
+
<img alt="Python" src="https://img.shields.io/badge/Python-3.12-blue?style=for-the-badge" />
|
| 36 |
+
</a>
|
| 37 |
+
|
| 38 |
+
|
| 39 |
+
## Overview
|
| 40 |
+
|
| 41 |
+
TurnGate is a response-aware defense mechanism designed to detect and mitigate hidden malicious intent in multi-turn dialogue systems. Defending state-of-the-art multi-turn malicious attacks like [CKA-Agent](https://cka-agent.github.io/).
|
| 42 |
+
|
| 43 |
+
|
| 44 |
+
|
| 45 |
+
## TurnGate-0.1
|
| 46 |
+
|
| 47 |
+
TurnGate is a specialized monitor designed to detect hidden malicious intent in multi-turn dialogues. Unlike traditional filters that look at queries in isolation, TurnGate is response-aware: it inspects the assistant's candidate response in the context of the full dialogue history to identify the precise "closure turn" where a harmful objective becomes actionable.
|
| 48 |
+
|
| 49 |
+
This repository contains the weights for TurnGate-0.1, a model trained on the Multi-Turn Intent Dataset (MTID) and optimized via reinforcement learning with turn-level process rewards.
|
| 50 |
+
|
| 51 |
+
## Cite
|
| 52 |
+
If you find this repository useful for your research, please consider citing the following paper:
|
| 53 |
+
|
| 54 |
+
```bibtex
|
| 55 |
+
@misc{shen2026turnlateresponseawaredefense,
|
| 56 |
+
title={One Turn Too Late: Response-Aware Defense Against Hidden Malicious Intent in Multi-Turn Dialogue},
|
| 57 |
+
author={Xinjie Shen and Rongzhe Wei and Peizhi Niu and Haoyu Wang and Ruihan Wu and Eli Chien and Bo Li and Pin-Yu Chen and Pan Li},
|
| 58 |
+
year={2026},
|
| 59 |
+
eprint={2605.05630},
|
| 60 |
+
archivePrefix={arXiv},
|
| 61 |
+
primaryClass={cs.CL},
|
| 62 |
+
url={https://arxiv.org/abs/2605.05630},
|
| 63 |
+
}
|
| 64 |
+
```
|