Same Question, Different Words: A Latent Adversarial Framework for Prompt Robustness

Tingchen Fu; Fazl Barez

2025 EMNLP EMNLP 2025

Same Question, Different Words: A Latent Adversarial Framework for Prompt Robustness

Abstract

AbstractInsensitivity to semantically-preserving variations of prompts (paraphrases) is crucial for reliable behavior and real-world deployment of large language models. However, language models exhibit significant performance degradation with semantically equivalent but differently phrased prompts, and existing solutions either depend on trial-and-error prompt engineering or require computationally expensive inference-time algorithms. In this study, built on the key insight that worst-case prompts exhibit a drift in embedding space, we present Latent Adversarial Paraphrasing (LAP), a dual-loop adversarial framework that optimizes a trainable perturbation as “latent continuous paraphrase” and language model performance on these perturbations iteratively. Extensive experiments are conducted to demonstrate the effectiveness of LAP across multiple backbones on the RobustAlpaca benchmark with a 0.5%-4% absolution improvement on worst-case win-rate.

🌉 Interdisciplinary Bridge — Artificial Intelligence and Machine Learning and Natural Language Processing

🧭 Keyword Pioneer — latent adversarial

🐝 Cross-Pollinator — Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Healthcare & Medicine, Interdisciplinary, Knowledge & Reasoning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Robotics, Security & Privacy, Speech & Audio

Authors

Tingchen Fu , Fazl Barez

Topics

Machine Learning > Learning Types > Adversarial Learning Machine Learning > Application Areas > Domain Adaptation Natural Language Processing > Resources & Methods > Text Representation Artificial Intelligence > Core AI > Large Language Models Artificial Intelligence > Core AI > Adversarial Learning Machine Learning > Learning Types > Prompt Engineering Artificial Intelligence > Core AI > Natural Language Processing

Keywords

adversarial learning embedding space prompt engineering adversarial perturbation semantic paraphrase semantic equivalence prompt robustness latent adversarial

Download PDF

Related papers

Bit-Flip Error Resilience in LLMs: A Comprehensive Analysis and Defense Framework 2025

VoiceCraft-X: Unifying Multilingual, Voice-Cloning Speech Synthesis and Speech Editing 2025

Model-based Large Language Model Customization as Service 2025

ZoomEye: Enhancing Multimodal LLMs with Human-Like Zooming Capabilities through Tree-Based Image Exploration 2025

SlideCoder: Layout-aware RAG-enhanced Hierarchical Slide Generation from Design 2025