Can Large Language Models Provide Security & Privacy Advice? Measuring the Ability of LLMs to Refute Misconceptions (2310.02431v1)
Abstract: Users seek security & privacy (S&P) advice from online resources, including trusted websites and content-sharing platforms. These resources help users understand S&P technologies and tools and suggest actionable strategies. LLMs have recently emerged as trusted information sources. However, their accuracy and correctness have been called into question. Prior research has outlined the shortcomings of LLMs in answering multiple-choice questions and user ability to inadvertently circumvent model restrictions (e.g., to produce toxic content). Yet, the ability of LLMs to provide reliable S&P advice is not well-explored. In this paper, we measure their ability to refute popular S&P misconceptions that the general public holds. We first study recent academic literature to curate a dataset of over a hundred S&P-related misconceptions across six different topics. We then query two popular LLMs (Bard and ChatGPT) and develop a labeling guide to evaluate their responses to these misconceptions. To comprehensively evaluate their responses, we further apply three strategies: query each misconception multiple times, generate and query their paraphrases, and solicit source URLs of the responses. Both models demonstrate, on average, a non-negligible error rate of 21.3%, incorrectly supporting popular S&P misconceptions. The error rate increases to 32.6% when we repeatedly query LLMs with the same or paraphrased misconceptions. We also expose that models may partially support a misconception or remain noncommittal, refusing a firm stance on misconceptions. Our exploration of information sources for responses revealed that LLMs are susceptible to providing invalid URLs (21.2% for Bard and 67.7% for ChatGPT) or pointing to unrelated sources (44.2% returned by Bard and 18.3% by ChatGPT).
Authors: Yufan Chen, Arjun Arunasalam, Z. Berkay Celik