X-Guard: Explainable Reinforcement Learning Framework for Trustworthy and Responsible LLM Defenses

Download PDF

HIRAGAR PRATIK RAKESHBHAI

10 Sept 2025 (modified: 27 Oct 2025)Submitted to NeurIPS Lock-LLM Workshop 2025EveryoneRevisionsBibTeXCC BY 4.0
Keywords: Large Language Models, Reinforcement Learning, Explainable AI, Model Defense, Jailbreak Attacks, Fine-tuning Security
TL;DR: We propose X-Guard, an explainable RL-based defense that adapts to evolving attacks on LLMs while preserving usability.
Abstract: Large Language Models (LLMs) are increasingly deployed in sensitive domains but remain vulnerable to unauthorized fine-tuning, distillation and misuse. Existing defenses often operate as static or opaque safeguards, limiting adaptability and trust. We propose X-Guard, an explainable reinforcement learning (RL) framework that formulates LLM defense as an adaptive decision process. An RL agent dynamically selects strategies (e.g., watermarking, perturbations, access gating) against adversarial behaviors, while an explainability layer maps actions to interpretable risk factors. To make the system practical, X-Guard integrates lightweight query monitoring, a reward-shaping scheme that balances attack mitigation and benign usability, and a human-facing dashboard that surfaces rationales and risk scores for each action. We evaluate X-Guard across three representative threat scenarios—unauthorized fine-tuning, knowledge extraction, and prompt injection—using both benchmarked simulations and a small pilot on open LLMs. Experimental results show approximately 38% improvements in thwarting adaptive attacks relative to static baselines, with minimal loss in benign query utility. We also report stability analyses, multiple-seed averages and statistical significance tests to demonstrate robustness. Beyond performance gains, X-Guard provides actionable explanations that help operators validate and adjust policies, improving trust and facilitating regulatory compliance. We discuss limitations (scale, deployment complexity, and adversarial adaptation) and outline extensions such as multi-agent defenses and tighter integration with threat intelligence. Overall, X-Guard points to a practical pathway for building LLM defenses that are simultaneously adaptive, transparent and ethically aligned.
Submission Number: 37