CR | AI | IR | Oct 23, 2025

RAGRank: Using PageRank to Counter Poisoning in CTI LLM Pipelines

arXiv:2510.20768v1 | h-index: 5
Originality: Incremental advance
AI Analysis

This addresses a critical security vulnerability in CTI systems for cybersecurity professionals, though it is incremental as it adapts an existing algorithm to a specific domain.

The paper tackles the problem of poisoning attacks in Retrieval-Augmented Generation (RAG) systems for Cyber Threat Intelligence (CTI) by proposing a method using PageRank to assess source credibility, showing it assigns lower authority scores to malicious documents and promotes trusted content in experiments on the MS MARCO dataset and CTI documents.

Retrieval-Augmented Generation (RAG) has emerged as the dominant architectural pattern to operationalize Large Language Model (LLM) usage in Cyber Threat Intelligence (CTI) systems. However, this design is susceptible to poisoning attacks, and previously proposed defenses can fail for CTI contexts as cyber threat information is often completely new for emerging attacks, and sophisticated threat actors can mimic legitimate formats, terminology, and stylistic conventions. To address this issue, we propose that the robustness of modern RAG defenses can be accelerated by applying source credibility algorithms on corpora, using PageRank as an example. In our experiments, we demonstrate quantitatively that our algorithm applies a lower authority score to malicious documents while promoting trusted content, using the standardized MS MARCO dataset. We also demonstrate proof-of-concept performance of our algorithm on CTI documents and feeds.
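The idea in the abstract, as an added Python example that is not code from the paper: PageRank is computed over a citation graph of sources, and the resulting authority score down-weights retrieved documents before they reach the LLM. The source names, links, similarity scores and the similarity-times-authority re-ranking rule are all assumptions made for this example.

```python
# Added example, not the paper's code. Source names, citation links and
# similarity scores are constructed; the re-ranking rule is an assumption.

def pagerank(links, damping=0.85, tol=1e-12, max_iter=500):
    """Power-iteration PageRank over {source: [sources it cites]}."""
    nodes = sorted(set(links) | {t for ts in links.values() for t in ts})
    out = {v: set(links.get(v, ())) - {v} for v in nodes}  # drop self-citations
    n = len(nodes)
    rank = dict.fromkeys(nodes, 1.0 / n)
    for _ in range(max_iter):
        # Sources that cite nothing spread their rank evenly over all nodes.
        dangling = sum(rank[v] for v in nodes if not out[v])
        new = dict.fromkeys(nodes, (1 - damping) / n + damping * dangling / n)
        for v in nodes:
            for t in out[v]:
                new[t] += damping * rank[v] / len(out[v])
        delta = sum(abs(new[v] - rank[v]) for v in nodes)
        rank = new
        if delta < tol:
            break
    return rank

def rerank(candidates, authority):
    """Order (doc_id, source, similarity) by similarity * relative authority.
    Sources missing from the graph get authority 0 (assumed policy)."""
    top = max(authority.values())
    scored = [(d, sim * authority.get(src, 0.0) / top) for d, src, sim in candidates]
    return sorted(scored, key=lambda x: x[1], reverse=True)

# Constructed graph: the two poisoned sources cite each other and a trusted
# source to look legitimate, but no trusted source cites them back.
LINKS = {
    "vendor-advisory": ["cert-bulletin"],
    "cert-bulletin": ["vendor-advisory", "isac-feed", "researcher-blog"],
    "isac-feed": ["cert-bulletin", "vendor-advisory", "researcher-blog"],
    "researcher-blog": ["vendor-advisory", "cert-bulletin"],
    "poison-a": ["poison-b", "vendor-advisory"],
    "poison-b": ["poison-a"],
}
# Constructed retriever output: the poisoned document is the closest match.
CANDIDATES = [
    ("doc-poison", "poison-a", 0.95),
    ("doc-cert", "cert-bulletin", 0.80),
    ("doc-isac", "isac-feed", 0.78),
    ("doc-blog", "researcher-blog", 0.70),
]

if __name__ == "__main__":
    authority = pagerank(LINKS)
    for doc, score in rerank(CANDIDATES, authority):
        print(f"{doc:12s} {score:.3f}")
```

Outbound citations from a poisoned source to trusted ones do not raise its own score; only inbound citations do, which is why mimicking legitimate formatting and references does not help the poisoned document here.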
