SafeReview: Defending LLM-based Review Systems Against Adversarial Hidden Prompts
For academic peer review systems using LLMs, this work provides a dynamic defense against adversarial manipulation, though it is an incremental step in adversarial robustness.
The paper addresses the vulnerability of LLM-based peer review systems to adversarial hidden prompts and proposes a co-evolutionary framework where a Generator creates attack prompts and a Defender detects them, achieving enhanced resilience against evolving threats.
As Large Language Models (LLMs) are increasingly integrated into academic peer review, their vulnerability to adversarial prompts -- adversarial instructions embedded in submissions to manipulate outcomes -- emerges as a critical threat to scholarly integrity. To counter this, we propose a novel adversarial framework where a Generator model, trained to create sophisticated attack prompts, is jointly optimized with a Defender model tasked with their detection. This system is trained using a loss function inspired by Information Retrieval Generative Adversarial Networks, which fosters a dynamic co-evolution between the two models, forcing the Defender to develop robust capabilities against continuously improving attack strategies. The resulting framework demonstrates significantly enhanced resilience to novel and evolving threats compared to static defenses, thereby establishing a critical foundation for securing the integrity of peer review.