Search papers, labs, and topics across Lattice.
The paper introduces RADAR, a novel defense framework against adversarial attacks in Retrieval-Augmented Generation (RAG) systems operating in dynamic environments. RADAR models reliable context selection as a graph-based energy minimization problem, solved efficiently using Max-Flow Min-Cut, and incorporates a Bayesian memory node to recursively update a belief state. Experiments on a new dynamic dataset demonstrate that RADAR achieves better robustness and response quality with significantly reduced storage costs compared to existing static defenses.
RAG systems can dynamically defend against retrieval corruption with a graph-based energy minimization approach, achieving superior robustness and response quality while slashing storage overhead.
While RAG systems are increasingly deployed in dynamic web search, temporal volatility amplifies their vulnerability to adversarial attacks. Existing static-oriented defenses struggle to handle evolving threats and incur prohibitive storage costs in dynamic settings. We propose RADAR, a framework that models reliable context selection as a graph-based energy minimization problem, solved exactly via Max-Flow Min-Cut. By incorporating a Bayesian memory node, RADAR recursively updates a belief state instead of archiving raw historical documents, effectively balancing stability against attacks with adaptability to genuine knowledge shifts. Experiments on a novel dynamic dataset show that RADAR achieves superior robustness and response quality with minimal storage overhead compared to the baselines.
