Shh, don't say that! Domain Certification in LLMs

Emde, Cornelius; Paren, Alasdair James; Arvind, Preetham; Kayser, Maxime Guillaume; Rainforth, Tom; Lukasiewicz, Thomas; Torr, Philip; Bibi, Adel

DC Field

Value

Language

dc.contributor.author

Emde, Cornelius

dc.contributor.author

Paren, Alasdair James

dc.contributor.author

Arvind, Preetham

dc.contributor.author

Kayser, Maxime Guillaume

dc.contributor.author

Rainforth, Tom

dc.contributor.author

Lukasiewicz, Thomas

dc.contributor.author

Torr, Philip

dc.contributor.author

Bibi, Adel

dc.date.accessioned

2026-01-08T12:50:39Z

dc.date.available

2026-01-08T12:50:39Z

dc.date.issued

2025

dc.identifier.citation

<div class="csl-bib-body"> <div class="csl-entry">Emde, C., Paren, A. J., Arvind, P., Kayser, M. G., Rainforth, T., Lukasiewicz, T., Torr, P., & Bibi, A. (2025). Shh, don’t say that! Domain Certification in LLMs. In <i>The Thirteenth International Conference on Learning Representations,{ICLR} 2025, Singapore, April 24-28, 2025</i>. Thirteenth International Conference on Learning Representations (ICLR 2025), Singapore.</div> </div>

dc.identifier.uri

http://hdl.handle.net/20.500.12708/223780

dc.description.abstract

Large language models (LLMs) are often deployed to perform constrained tasks, with narrow domains. For example, customer support bots can be built on top of LLMs, relying on their broad language understanding and capabilities to enhance performance. However, these LLMs are adversarially susceptible, potentially generating outputs outside the intended domain. To formalize, assess, and mitigate this risk, we introduce domain certification; a guarantee that accurately characterizes the out-of-domain behavior of language models. We then propose a simple yet effective approach, which we call VALID that provides adversarial bounds as a certificate. Finally, we evaluate our method across a diverse set of datasets, demonstrating that it yields meaningful certificates, which bound the probability of out-of-domain samples tightly with minimum penalty to refusal behavior.

dc.language.iso

dc.subject

large language models

dc.subject

natural language processing

dc.subject

Adversarial Robustness

dc.subject

adversary

dc.subject

natural text generation

dc.subject

certification

dc.subject

verification

dc.title

Shh, don't say that! Domain Certification in LLMs

dc.type

Inproceedings

dc.type

Konferenzbeitrag

dc.contributor.affiliation

Science Oxford, United Kingdom of Great Britain and Northern Ireland (the)

dc.contributor.affiliation

Mineralogical Society of the United Kingdom and Ireland, United Kingdom of Great Britain and Northern Ireland (the)

dc.type.category

Full-Paper Contribution

tuw.booktitle

The Thirteenth International Conference on Learning Representations,{ICLR} 2025, Singapore, April 24-28, 2025

tuw.peerreviewed

true

tuw.researchTopic.id

tuw.researchTopic.name

Information Systems Engineering

tuw.researchTopic.value

100

tuw.publication.orgunit

E192-07 - Forschungsbereich Artificial Intelligence Techniques

tuw.publication.orgunit

E192-03 - Forschungsbereich Knowledge Based Systems

tuw.author.orcid

0000-0003-0348-6109

tuw.author.orcid

0009-0003-5933-5243

tuw.author.orcid

0000-0002-6169-3918

tuw.event.name

Thirteenth International Conference on Learning Representations (ICLR 2025)

tuw.event.startdate

24-04-2025

tuw.event.enddate

28-04-2025

tuw.event.online

On Site

tuw.event.type

Event for scientific audience

tuw.event.country

tuw.event.presenter

Emde, Cornelius

wb.sciencebranch

Informatik

wb.sciencebranch

Mathematik

wb.sciencebranch.oefos

1020

wb.sciencebranch.oefos

1010

wb.sciencebranch.value

item.grantfulltext

none

item.languageiso639-1

item.cerifentitytype

Publications

item.openairecristype

http://purl.org/coar/resource_type/c_5794

item.fulltext

no Fulltext

item.openairetype

conference paper

crisitem.author.dept

Science Oxford, United Kingdom of Great Britain and Northern Ireland (the)

crisitem.author.dept

E192-07 - Forschungsbereich Artificial Intelligence Techniques

crisitem.author.dept

E192-07 - Forschungsbereich Artificial Intelligence Techniques

crisitem.author.dept

Engineering Science - University of Oxford (Oxford, GB)

crisitem.author.orcid

0000-0003-0348-6109

crisitem.author.orcid

0009-0003-5933-5243

crisitem.author.orcid

0000-0002-6169-3918

crisitem.author.parentorg

E192 - Institut für Logic and Computation

crisitem.author.parentorg

E192 - Institut für Logic and Computation

Appears in Collections:

Conference Paper

Show simple item record

Page view(s)

checked on Jan 8, 2026

Google Scholar^TM

Check

Page view(s)

Google ScholarTM

Google Scholar^TM