Ranking Manipulation for Conversational Search Engines

• URL: http://arxiv.org/abs/2406.03589v3
• Date: Wed, 25 Sep 2024 14:59:24 GMT
• Title: Ranking Manipulation for Conversational Search Engines
• Authors: Samuel Pfrommer, Yatong Bai, Tanmay Gautam, Somayeh Sojoudi,
• Abstract summary: We study the impact of prompt injections on the ranking order of sources referenced by conversational search engines. We present a tree-of-attacks-based jailbreaking technique which reliably promotes low-ranked products.
• Score: 7.958276719131612
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Major search engine providers are rapidly incorporating Large Language Model (LLM)-generated content in response to user queries. These conversational search engines operate by loading retrieved website text into the LLM context for summarization and interpretation. Recent research demonstrates that LLMs are highly vulnerable to jailbreaking and prompt injection attacks, which disrupt the safety and quality goals of LLMs using adversarial strings. This work investigates the impact of prompt injections on the ranking order of sources referenced by conversational search engines. To this end, we introduce a focused dataset of real-world consumer product websites and formalize conversational search ranking as an adversarial problem. Experimentally, we analyze conversational search rankings in the absence of adversarial injections and show that different LLMs vary significantly in prioritizing product name, document content, and context position. We then present a tree-of-attacks-based jailbreaking technique which reliably promotes low-ranked products. Importantly, these attacks transfer effectively to state-of-the-art conversational search engines such as perplexity$.$ai. Given the strong financial incentive for website owners to boost their search ranking, we argue that our problem formulation is of critical importance for future robustness work.

Related papers

• Search Engines, LLMs or Both? Evaluating Information Seeking Strategies for Answering Health Questions [3.8984586307450093]
  We compare different web search engines, Large Language Models (LLMs) and retrieval-augmented (RAG) approaches. We observed that the quality of webpages potentially responding to a health question does not decline as we navigate further down the ranked lists. According to our evaluation, web engines are less accurate than LLMs in finding correct answers to health questions.
  arXiv  Detail & Related papers  (2024-07-17T10:40:39Z)
• When Search Engine Services meet Large Language Models: Visions and Challenges [53.32948540004658]
  This paper conducts an in-depth examination of how integrating Large Language Models with search engines can mutually benefit both technologies. We focus on two main areas: using search engines to improve LLMs (Search4LLM) and enhancing search engine functions using LLMs (LLM4Search)
  arXiv  Detail & Related papers  (2024-06-28T03:52:13Z)
• Adversarial Search Engine Optimization for Large Language Models [25.320947071607744]
  Large Language Models (LLMs) are increasingly used in applications where the model selects from competing third-party content. We introduce Preference Manipulation Attacks, a new class of attacks that manipulate an LLM's selections to favor the attacker.
  arXiv  Detail & Related papers  (2024-06-26T14:24:51Z)
• CHIQ: Contextual History Enhancement for Improving Query Rewriting in Conversational Search [67.6104548484555]
  We introduce CHIQ, a two-step method that leverages the capabilities of open-source large language models (LLMs) to resolve ambiguities in the conversation history before query rewriting. We demonstrate on five well-established benchmarks that CHIQ leads to state-of-the-art results across most settings.
  arXiv  Detail & Related papers  (2024-06-07T15:23:53Z)
• Manipulating Large Language Models to Increase Product Visibility [27.494854085799076]
  Large language models (LLMs) are increasingly being integrated into search engines to provide natural language responses tailored to user queries. We investigate whether recommendations from LLMs can be manipulated to enhance a product's visibility.
  arXiv  Detail & Related papers  (2024-04-11T17:57:32Z)
• Crafting Knowledge: Exploring the Creative Mechanisms of Chat-Based Search Engines [3.5845457075304368]
  This research aims to dissect the mechanisms through which an LLM-powered search engine, specifically Bing Chat, selects information sources for its responses. Bing Chat exhibits a preference for content that is not only readable and formally structured, but also demonstrates lower perplexity levels. Our investigation documents a greater similarity among websites cited by RAG technologies compared to those ranked highest by conventional search engines.
  arXiv  Detail & Related papers  (2024-02-29T18:20:37Z)
• Evaluating Robustness of Generative Search Engine on Adversarial Factual Questions [89.35345649303451]
  Generative search engines have the potential to transform how people seek information online. But generated responses from existing large language models (LLMs)-backed generative search engines may not always be accurate. Retrieval-augmented generation exacerbates safety concerns, since adversaries may successfully evade the entire system.
  arXiv  Detail & Related papers  (2024-02-25T11:22:19Z)
• Large Search Model: Redefining Search Stack in the Era of LLMs [63.503320030117145]
  We introduce a novel conceptual framework called large search model, which redefines the conventional search stack by unifying search tasks with one large language model (LLM) All tasks are formulated as autoregressive text generation problems, allowing for the customization of tasks through the use of natural language prompts. This proposed framework capitalizes on the strong language understanding and reasoning capabilities of LLMs, offering the potential to enhance search result quality while simultaneously simplifying the existing cumbersome search stack.
  arXiv  Detail & Related papers  (2023-10-23T05:52:09Z)
• Keyword Augmented Retrieval: Novel framework for Information Retrieval integrated with speech interface [0.0]
  Retrieving answers in a quick and low cost manner without hallucinations using Language models is a major hurdle. This is what prevents employment of Language models in knowledge retrieval automation. For commercial search and chat-bot applications, complete reliance on commercial large language models (LLMs) like GPT 3.5 etc. can be very costly.
  arXiv  Detail & Related papers  (2023-10-06T12:44:04Z)
• Synergistic Interplay between Search and Large Language Models for Information Retrieval [141.18083677333848]
  InteR allows RMs to expand knowledge in queries using LLM-generated knowledge collections. InteR achieves overall superior zero-shot retrieval performance compared to state-of-the-art methods.
  arXiv  Detail & Related papers  (2023-05-12T11:58:15Z)
• Check Your Facts and Try Again: Improving Large Language Models with External Knowledge and Automated Feedback [127.75419038610455]
  Large language models (LLMs) are able to generate human-like, fluent responses for many downstream tasks. This paper proposes a LLM-Augmenter system, which augments a black-box LLM with a set of plug-and-play modules.
  arXiv  Detail & Related papers  (2023-02-24T18:48:43Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.