Attacking Open-domain Question Answering by Injecting Misinformation
- URL: http://arxiv.org/abs/2110.07803v3
- Date: Tue, 19 Sep 2023 23:47:18 GMT
- Title: Attacking Open-domain Question Answering by Injecting Misinformation
- Authors: Liangming Pan, Wenhu Chen, Min-Yen Kan, William Yang Wang
- Abstract summary: We study the risk of misinformation to Question Answering (QA) models by investigating the sensitivity of open-domain QA models to misinformation documents.
Experiments show that QA models are vulnerable to even small amounts of evidence contamination brought by misinformation.
We discuss the necessity of building a misinformation-aware QA system that integrates question-answering and misinformation detection.
- Score: 116.25434773461465
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: With a rise in false, inaccurate, and misleading information in propaganda,
news, and social media, real-world Question Answering (QA) systems face the
challenges of synthesizing and reasoning over misinformation-polluted contexts
to derive correct answers. This urgency gives rise to the need to make QA
systems robust to misinformation, a topic previously unexplored. We study the
risk of misinformation to QA models by investigating the sensitivity of
open-domain QA models to corpus pollution with misinformation documents. We
curate both human-written and model-generated false documents that we inject
into the evidence corpus of QA models and assess the impact on the performance
of these systems. Experiments show that QA models are vulnerable to even small
amounts of evidence contamination brought by misinformation, with large
absolute performance drops on all models. Misinformation attacks pose a greater
threat when fake documents are produced at scale by neural models or when the
attacker targets specific questions of interest. To defend against such
a threat, we discuss the necessity of building a misinformation-aware QA system
that integrates question-answering and misinformation detection in a joint
fashion.
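The corpus-pollution setup the abstract describes can be illustrated with a minimal sketch. Everything below is a hypothetical toy, not the authors' pipeline: a bag-of-words cosine retriever answers questions from a small evidence corpus, a single claim-aligned fake document is injected, and exact-match accuracy is re-measured. The corpus, questions, and retriever are all illustrative assumptions.

```python
# Toy corpus-pollution experiment (illustrative assumptions throughout,
# not the paper's actual retriever, reader, or data).
from collections import Counter
import math

def tokenize(text: str) -> Counter:
    return Counter(text.lower().split())

def cosine(a: Counter, b: Counter) -> float:
    dot = sum(a[t] * b[t] for t in a)
    na = math.sqrt(sum(v * v for v in a.values()))
    nb = math.sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0

def answer(question: str, corpus: list) -> str:
    """Retrieve the most similar document and return its stated answer."""
    q = tokenize(question)
    best = max(corpus, key=lambda d: cosine(q, tokenize(d["text"])))
    return best["answer"]

clean_corpus = [
    {"text": "the capital of france is paris", "answer": "paris"},
    {"text": "the capital of japan is tokyo", "answer": "tokyo"},
]
questions = [("what is the capital of france", "paris"),
             ("what is the capital of japan", "tokyo")]

def exact_match(corpus: list) -> float:
    return sum(answer(q, corpus) == gold for q, gold in questions) / len(questions)

em_clean = exact_match(clean_corpus)

# Inject one misinformation document targeting a specific question of
# interest; echoing the question's wording makes it win retrieval.
fake = {"text": "what is the capital of france it is lyon", "answer": "lyon"}
em_polluted = exact_match(clean_corpus + [fake])

print(em_clean, em_polluted)  # → 1.0 0.5
```

Even a single injected document flips the targeted question while leaving the others intact, mirroring the paper's observation that small amounts of contamination cause large performance drops.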
Related papers
- A RAG-Based Question-Answering Solution for Cyber-Attack Investigation and Attribution [2.2940141855172036]
We introduce the first question-answering (QA) model and its application that provides cybersecurity experts with information about cyber-attack investigation and attribution.
Our QA model is based on Retrieval Augmented Generation (RAG) techniques together with a Large Language Model (LLM).
We have tested and evaluated our QA model with various types of questions, including KB-based, metadata-based, specific documents from the KB, and external sources-based questions.
arXiv Detail & Related papers (2024-08-12T16:33:51Z) - Crowd Intelligence for Early Misinformation Prediction on Social Media [29.494819549803772]
We introduce CROWDSHIELD, a crowd intelligence-based method for early misinformation prediction.
We employ Q-learning to capture the two dimensions -- stances and claims.
We propose MIST, a manually annotated misinformation detection Twitter corpus.
arXiv Detail & Related papers (2024-08-08T13:45:23Z) - Missci: Reconstructing Fallacies in Misrepresented Science [84.32990746227385]
Health-related misinformation on social networks can lead to poor decision-making and real-world dangers.
Missci is a novel argumentation theoretical model for fallacious reasoning.
We present Missci as a dataset to test the critical reasoning abilities of large language models.
arXiv Detail & Related papers (2024-06-05T12:11:10Z) - InfoLossQA: Characterizing and Recovering Information Loss in Text Simplification [60.10193972862099]
This work proposes a framework to characterize and recover simplification-induced information loss in the form of question-and-answer pairs.
QA pairs are designed to help readers deepen their knowledge of a text.
arXiv Detail & Related papers (2024-01-29T19:00:01Z) - Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against
Fact-Verification Systems [80.3811072650087]
We show that it is possible to subtly modify claim-salient snippets in the evidence and generate diverse and claim-aligned evidence.
The attacks are also robust against post-hoc modifications of the claim.
These attacks can have harmful implications for inspectable and human-in-the-loop usage scenarios.
arXiv Detail & Related papers (2022-09-07T13:39:24Z) - Explaining RADAR features for detecting spoofing attacks in Connected
Autonomous Vehicles [2.8153045998456188]
Connected autonomous vehicles (CAVs) are anticipated to have built-in AI systems for defending against cyberattacks.
Machine learning (ML) models form the basis of many such AI systems.
We present a model that explains certainty and uncertainty in sensor input.
arXiv Detail & Related papers (2022-03-01T00:11:46Z) - Synthetic Disinformation Attacks on Automated Fact Verification Systems [53.011635547834025]
We explore the sensitivity of automated fact-checkers to synthetic adversarial evidence in two simulated settings.
We show that these systems suffer significant performance drops against these attacks.
We discuss the growing threat of modern NLG systems as generators of disinformation.
arXiv Detail & Related papers (2022-02-18T19:01:01Z) - Mining Fine-grained Semantics via Graph Neural Networks for
Evidence-based Fake News Detection [20.282527436527765]
We propose a unified Graph-based sEmantic sTructure mining framework, GET for short.
We model claims and evidence as graph-structured data and capture long-distance semantic dependencies.
After obtaining contextual semantic information, our model reduces information redundancy by performing graph structure learning.
arXiv Detail & Related papers (2022-01-18T11:28:36Z) - Zero-shot Fact Verification by Claim Generation [85.27523983027471]
We develop QACG, a framework for training a robust fact verification model.
We use automatically generated claims that can be supported, refuted, or unverifiable based on evidence from Wikipedia.
In a zero-shot scenario, QACG improves a RoBERTa model's F1 from 50% to 77%, matching the performance of training on 2K+ manually curated examples.
arXiv Detail & Related papers (2021-05-31T03:13:52Z)
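The QACG entry above describes generating claims that are supported, refuted, or unverifiable given an evidence sentence. A hypothetical sketch of that idea (the templates, entities, and labels below are illustrative assumptions, not the authors' implementation):

```python
# Hypothetical QACG-style claim generation: from one evidence sentence,
# derive a SUPPORTED claim (restating the fact), a REFUTED claim (swapping
# in a contradictory value), and a NOT-ENOUGH-INFO claim (about an entity
# the evidence never mentions). All inputs here are illustrative.
def generate_claims(entity: str, attribute: str,
                    wrong_value: str, unrelated_entity: str) -> dict:
    return {
        "SUPPORTED": f"{entity} {attribute}.",       # restates the evidence
        "REFUTED":   f"{entity} {wrong_value}.",     # contradicts the evidence
        "NEI":       f"{unrelated_entity} {attribute}.",  # unverifiable here
    }

# Evidence (assumed): "Marie Curie won the Nobel Prize in Physics in 1903."
claims = generate_claims(
    entity="Marie Curie",
    attribute="won the Nobel Prize in Physics in 1903",
    wrong_value="won the Nobel Prize in Physics in 1911",
    unrelated_entity="Lise Meitner",
)
for label, claim in claims.items():
    print(label, claim)
```

Pairing each generated claim with its source evidence and label yields synthetic training examples for a fact verification model without manual annotation, which is the mechanism behind the zero-shot gains the entry reports.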
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this content (including all information) and is not responsible for any consequences of its use.