Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

DeepKnown-Guard: A Proprietary Model-Based Safety Response Framework for AI Agents

Qi Li, Jianjun Xu, Pingtao Wei, Jiu Li, Peiqiang Zhao, Jiwei Shi, Xuan Zhang, Yanhui Yang, Xiaodong Hui, Peng Xu, Wenqin Shao

TL;DR

The paper tackles input safety and output trustworthiness in LLMs by integrating a proactive, fine-grained safety classification layer with a Retrieval-Augmented Generation pipeline anchored to a real-time, traceable knowledge base. It introduces a four-tier taxonomy (Safe, Unsafe, Conditionally Safe, Focused Attention) and pairs it with an interpretation LLM to ensure all outputs are grounded in current sources, reducing hallucinations and enabling traceability. Empirical results show the approach achieves a risk recall of 99.5% on risk data, and near-perfect safety scores on public and proprietary high-risk sets (e.g., EN 99.2,ZH 99.4, High-Risk 99.9), outperforming Qwen3Guard-Gen-8B and TinyR1-Safety-8B baselines. The framework demonstrates strong potential for deploying high-security, high-trust LLM applications across sensitive domains, with future work focusing on adversarial resilience and closer integration with dynamic knowledge evolution.

Abstract

With the widespread application of Large Language Models (LLMs), their associated security issues have become increasingly prominent, severely constraining their trustworthy deployment in critical domains. This paper proposes a novel safety response framework designed to systematically safeguard LLMs at both the input and output levels. At the input level, the framework employs a supervised fine-tuning-based safety classification model. Through a fine-grained four-tier taxonomy (Safe, Unsafe, Conditionally Safe, Focused Attention), it performs precise risk identification and differentiated handling of user queries, significantly enhancing risk coverage and business scenario adaptability, and achieving a risk recall rate of 99.3%. At the output level, the framework integrates Retrieval-Augmented Generation (RAG) with a specifically fine-tuned interpretation model, ensuring all responses are grounded in a real-time, trustworthy knowledge base. This approach eliminates information fabrication and enables result traceability. Experimental results demonstrate that our proposed safety control model achieves a significantly higher safety score on public safety evaluation benchmarks compared to the baseline model, TinyR1-Safety-8B. Furthermore, on our proprietary high-risk test set, the framework's components attained a perfect 100% safety score, validating their exceptional protective capabilities in complex risk scenarios. This research provides an effective engineering pathway for building high-security, high-trust LLM applications.

DeepKnown-Guard: A Proprietary Model-Based Safety Response Framework for AI Agents

TL;DR

The paper tackles input safety and output trustworthiness in LLMs by integrating a proactive, fine-grained safety classification layer with a Retrieval-Augmented Generation pipeline anchored to a real-time, traceable knowledge base. It introduces a four-tier taxonomy (Safe, Unsafe, Conditionally Safe, Focused Attention) and pairs it with an interpretation LLM to ensure all outputs are grounded in current sources, reducing hallucinations and enabling traceability. Empirical results show the approach achieves a risk recall of 99.5% on risk data, and near-perfect safety scores on public and proprietary high-risk sets (e.g., EN 99.2,ZH 99.4, High-Risk 99.9), outperforming Qwen3Guard-Gen-8B and TinyR1-Safety-8B baselines. The framework demonstrates strong potential for deploying high-security, high-trust LLM applications across sensitive domains, with future work focusing on adversarial resilience and closer integration with dynamic knowledge evolution.

Abstract

With the widespread application of Large Language Models (LLMs), their associated security issues have become increasingly prominent, severely constraining their trustworthy deployment in critical domains. This paper proposes a novel safety response framework designed to systematically safeguard LLMs at both the input and output levels. At the input level, the framework employs a supervised fine-tuning-based safety classification model. Through a fine-grained four-tier taxonomy (Safe, Unsafe, Conditionally Safe, Focused Attention), it performs precise risk identification and differentiated handling of user queries, significantly enhancing risk coverage and business scenario adaptability, and achieving a risk recall rate of 99.3%. At the output level, the framework integrates Retrieval-Augmented Generation (RAG) with a specifically fine-tuned interpretation model, ensuring all responses are grounded in a real-time, trustworthy knowledge base. This approach eliminates information fabrication and enables result traceability. Experimental results demonstrate that our proposed safety control model achieves a significantly higher safety score on public safety evaluation benchmarks compared to the baseline model, TinyR1-Safety-8B. Furthermore, on our proprietary high-risk test set, the framework's components attained a perfect 100% safety score, validating their exceptional protective capabilities in complex risk scenarios. This research provides an effective engineering pathway for building high-security, high-trust LLM applications.

Paper Structure

This paper contains 18 sections, 2 equations, 1 figure, 4 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. Analysis of Security Requirements for LLM Dialogue Systems
  4. Completeness of Safety-Related Knowledge
  5. Value Alignment and Precision of the Response Mechanism
  6. Adaptability of Safety Response Strategies
  7. Methodology
  8. Proactive Safety Classification
  9. Trustworthy Knowledge Base-Driven Response Generation
  10. Experiments
  11. Experimental Setup
  12. Training Dataset
  13. Evaluation
  14. Experimental Results
  15. Component Analysis
  16. ...and 3 more sections

Figures (1)

  • Figure 1: Safety and Trustworthiness Response Architecture.