Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks

Yichen Wang; Shangbin Feng; Abe Bohan Hou; Xiao Pu; Chao Shen; Xiaoming Liu; Yulia Tsvetkov; Tianxing He

doi:10.18653/v1/2024.acl-long.160

Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks

Yichen Wang
, Shangbin Feng
, Abe Bohan Hou
, Xiao Pu
, Chao Shen
, Xiaoming Liu
, Yulia Tsvetkov
, Tianxing He

Faculty of Electronic and Information Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

The widespread use of large language models (LLMs) is increasing the demand for methods that detect machine-generated text to prevent misuse. The goal of our study is to stress test the detectors' robustness to malicious attacks under realistic scenarios. We comprehensively study the robustness of popular machine-generated text detectors under attacks from diverse categories: editing, paraphrasing, co-generating, and prompting. Our attacks assume limited access to the generator LLMs, and we compare the performance of detectors on different attacks under different budget levels. Our experiments reveal that almost none of the existing detectors remain robust under all the attacks, and all detectors exhibit different loopholes. Averaging all detectors, the performance drops by 35% across all attacks. Further, we investigate the reasons behind these defects and propose initial out-of-the-box patches.

Original language	English
Title of host publication	Long Papers
Editors	Lun-Wei Ku, Andre F. T. Martins, Vivek Srikumar
Publisher	Association for Computational Linguistics (ACL)
Pages	2894-2925
Number of pages	32
ISBN (Electronic)	9798891760943
DOIs	https://doi.org/10.18653/v1/2024.acl-long.160
State	Published - 2024
Event	62nd Annual Meeting of the Association for Computational Linguistics, ACL 2024 - Bangkok, Thailand Duration: 11 Aug 2024 → 16 Aug 2024

Publication series

Name	Proceedings of the Annual Meeting of the Association for Computational Linguistics
Volume	1
ISSN (Print)	0736-587X

Conference

Conference	62nd Annual Meeting of the Association for Computational Linguistics, ACL 2024
Country/Territory	Thailand
City	Bangkok
Period	11/08/24 → 16/08/24

Access to Document

10.18653/v1/2024.acl-long.160

Cite this

Wang, Y., Feng, S., Hou, A. B., Pu, X., Shen, C., Liu, X., Tsvetkov, Y., & He, T. (2024). Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks. In L.-W. Ku, A. F. T. Martins, & V. Srikumar (Eds.), Long Papers (pp. 2894-2925). (Proceedings of the Annual Meeting of the Association for Computational Linguistics; Vol. 1). Association for Computational Linguistics (ACL). https://doi.org/10.18653/v1/2024.acl-long.160

Wang, Yichen ; Feng, Shangbin ; Hou, Abe Bohan et al. / Stumbling Blocks : Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks. Long Papers. editor / Lun-Wei Ku ; Andre F. T. Martins ; Vivek Srikumar. Association for Computational Linguistics (ACL), 2024. pp. 2894-2925 (Proceedings of the Annual Meeting of the Association for Computational Linguistics).

@inproceedings{8fc2fd9f462a4fd6a3808b6d5c0ab0bf,

title = "Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks",

abstract = "The widespread use of large language models (LLMs) is increasing the demand for methods that detect machine-generated text to prevent misuse. The goal of our study is to stress test the detectors' robustness to malicious attacks under realistic scenarios. We comprehensively study the robustness of popular machine-generated text detectors under attacks from diverse categories: editing, paraphrasing, co-generating, and prompting. Our attacks assume limited access to the generator LLMs, and we compare the performance of detectors on different attacks under different budget levels. Our experiments reveal that almost none of the existing detectors remain robust under all the attacks, and all detectors exhibit different loopholes. Averaging all detectors, the performance drops by 35\% across all attacks. Further, we investigate the reasons behind these defects and propose initial out-of-the-box patches.",

author = "Yichen Wang and Shangbin Feng and Hou, \{Abe Bohan\} and Xiao Pu and Chao Shen and Xiaoming Liu and Yulia Tsvetkov and Tianxing He",

note = "Publisher Copyright: {\textcopyright} 2024 Association for Computational Linguistics.; 62nd Annual Meeting of the Association for Computational Linguistics, ACL 2024 ; Conference date: 11-08-2024 Through 16-08-2024",

year = "2024",

doi = "10.18653/v1/2024.acl-long.160",

language = "英语",

series = "Proceedings of the Annual Meeting of the Association for Computational Linguistics",

publisher = "Association for Computational Linguistics (ACL)",

pages = "2894--2925",

editor = "Lun-Wei Ku and Martins, \{Andre F. T.\} and Vivek Srikumar",

booktitle = "Long Papers",

}

Wang, Y, Feng, S, Hou, AB, Pu, X, Shen, C, Liu, X, Tsvetkov, Y & He, T 2024, Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks. in L-W Ku, AFT Martins & V Srikumar (eds), Long Papers. Proceedings of the Annual Meeting of the Association for Computational Linguistics, vol. 1, Association for Computational Linguistics (ACL), pp. 2894-2925, 62nd Annual Meeting of the Association for Computational Linguistics, ACL 2024, Bangkok, Thailand, 11/08/24. https://doi.org/10.18653/v1/2024.acl-long.160

Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks. / Wang, Yichen; Feng, Shangbin; Hou, Abe Bohan et al.
Long Papers. ed. / Lun-Wei Ku; Andre F. T. Martins; Vivek Srikumar. Association for Computational Linguistics (ACL), 2024. p. 2894-2925 (Proceedings of the Annual Meeting of the Association for Computational Linguistics; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Stumbling Blocks

T2 - 62nd Annual Meeting of the Association for Computational Linguistics, ACL 2024

AU - Wang, Yichen

AU - Feng, Shangbin

AU - Hou, Abe Bohan

AU - Pu, Xiao

AU - Shen, Chao

AU - Liu, Xiaoming

AU - Tsvetkov, Yulia

AU - He, Tianxing

PY - 2024

Y1 - 2024

N2 - The widespread use of large language models (LLMs) is increasing the demand for methods that detect machine-generated text to prevent misuse. The goal of our study is to stress test the detectors' robustness to malicious attacks under realistic scenarios. We comprehensively study the robustness of popular machine-generated text detectors under attacks from diverse categories: editing, paraphrasing, co-generating, and prompting. Our attacks assume limited access to the generator LLMs, and we compare the performance of detectors on different attacks under different budget levels. Our experiments reveal that almost none of the existing detectors remain robust under all the attacks, and all detectors exhibit different loopholes. Averaging all detectors, the performance drops by 35% across all attacks. Further, we investigate the reasons behind these defects and propose initial out-of-the-box patches.

AB - The widespread use of large language models (LLMs) is increasing the demand for methods that detect machine-generated text to prevent misuse. The goal of our study is to stress test the detectors' robustness to malicious attacks under realistic scenarios. We comprehensively study the robustness of popular machine-generated text detectors under attacks from diverse categories: editing, paraphrasing, co-generating, and prompting. Our attacks assume limited access to the generator LLMs, and we compare the performance of detectors on different attacks under different budget levels. Our experiments reveal that almost none of the existing detectors remain robust under all the attacks, and all detectors exhibit different loopholes. Averaging all detectors, the performance drops by 35% across all attacks. Further, we investigate the reasons behind these defects and propose initial out-of-the-box patches.

UR - https://www.scopus.com/pages/publications/85204441082

U2 - 10.18653/v1/2024.acl-long.160

DO - 10.18653/v1/2024.acl-long.160

M3 - 会议稿件

AN - SCOPUS:85204441082

T3 - Proceedings of the Annual Meeting of the Association for Computational Linguistics

SP - 2894

EP - 2925

BT - Long Papers

A2 - Ku, Lun-Wei

A2 - Martins, Andre F. T.

A2 - Srikumar, Vivek

PB - Association for Computational Linguistics (ACL)

Y2 - 11 August 2024 through 16 August 2024

ER -

Wang Y, Feng S, Hou AB, Pu X, Shen C, Liu X et al. Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks. In Ku LW, Martins AFT, Srikumar V, editors, Long Papers. Association for Computational Linguistics (ACL). 2024. p. 2894-2925. (Proceedings of the Annual Meeting of the Association for Computational Linguistics). doi: 10.18653/v1/2024.acl-long.160

Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this