RAG Security and Privacy: Formalizing the Threat Model and Attack Surface 文章

ArXiv CS.AI2026-06-06NEWSen作者: Atousa Arzanipour, Rouzbeh Behnia, Reza Ebrahimi, Kaushik Dutta

详细信息

来源站点
ArXiv CS.AI
作者
Atousa Arzanipour, Rouzbeh Behnia, Reza Ebrahimi, Kaushik Dutta
文章类型
NEWS
语言
en
发布日期
2026-06-06

摘要

arXiv:2509.20324v2 Announce Type: replace-cross Abstract: Retrieval-Augmented Generation (RAG) is an emerging approach in natural language processing that combines large language models (LLMs) with external document retrieval to produce more accurate and grounded responses. While RAG has shown strong potential in reducing hallucinations and improving factual consistency, it also introduces new privacy and security challenges that differ from those faced by traditional LLMs. Existing research has demonstrated that LLMs can leak sensitive information through training data memorization or adversarial prompts, and RAG systems inherit many of these vulnerabilities. At the same time, reliance of RAG on an external knowledge base opens new attack surfaces, including the potential for leaking information about the presence or content of retrieved documents, or for injecting malicious content to manipulate model behavior.

相关事件

暂无数据

相关公司

暂无数据

相关人物

暂无数据

相关产品

暂无数据