Go to ACL ARR 2025 May homepageGRADA: Graph-based Reranker against Adversarial Documents Attack
Abstract: Retrieval Augmented Generation (RAG) frameworks can improve the factual accuracy of large language models (LLMs) by integrating external knowledge from retrieved documents, thereby overcoming the limitations of models' static intrinsic knowledge.
However, these systems are susceptible to adversarial attacks that manipulate the retrieval process by introducing documents that are adversarial yet semantically similar to the query.
Notably, while these adversarial documents resemble the query, they exhibit weak similarity to benign documents in the retrieval set. Thus, we propose a simple yet effective **G**raph-based **R**eranking against **A**dversarial **D**ocument **A**ttacks (GRADA) framework aiming at preserving retrieval quality while significantly reducing the success of adversaries.
Our study evaluates the effectiveness of our approach through experiments conducted on six LLMs: GPT-3.5-Turbo, GPT-4o, Llama3.1-8b-Instruct, Llama3.1-70b-Instruct, Qwen2.5-7b-Instruct and Qwen2.5-14b-Instruct. We use three datasets to assess performance, with results from the Natural Questions dataset demonstrating up to an 80\% reduction in attack success rates while maintaining minimal loss in accuracy.
Paper Type: Long
Research Area: Information Retrieval and Text Mining
Research Area Keywords: Passage retrieval, re-ranking, adversarial attack and defense on RAG
Contribution Types: NLP engineering experiment
Languages Studied: English
Submission Number: 1432
Loading