GPT Attack for Adversarial Privacy Policies

Isaac Joy; Jun Wu; Jingrui He

doi:10.1109/BIGCOM65357.2024.00032

GPT Attack for Adversarial Privacy Policies

Isaac Joy, Jun Wu, Jingrui He

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

While Machine Learning (ML) is widely used in many industries, one sector that is just beginning to leverage this technology is the legal field. Efforts like the construction of the OPP-115 Privacy Policy corpus make it possible to train Natural Language Processing (NLP) and ML models for legal use, and tools such as Polisis, Claudette, etc., which utilize these models can now provide users with descriptive annotations of various types of contracts, including Privacy Policies. However, these tools remain vulnerable to adversarial attacks, specifically adversarial legal documents, which differ from typical text based adversarial attacks due to the necessity of preserving the continuity of a legal document. Therefore, focusing on the OPP-115 corpus and Polisis specifically, we propose a framework that consists of a Doc2Vec model and a variety of shallow and deep learning methods for classification, followed by adversarial attacks on Privacy Policy segments which utilize GPT 3.5, a state-of-the-art LLM, in order to create an adversarial Privacy Policy. We evaluate the effectiveness of our method by comparing attack results to those produced by current methods, including Bert Attack and Text Fooler. Our procedure reveals not just that an attack using GPT 3.5 is an effective means of producing an adversarial policy, but that it is surprisingly easy to prompt a widely used state-of-the-art LLM to perform such a task.

Original language	English (US)
Title of host publication	Proceedings - 2024 10th International Conference on Big Data Computing and Communications, BIGCOM 2024
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	173-180
Number of pages	8
Edition	2024
ISBN (Electronic)	9798331509538
DOIs	https://doi.org/10.1109/BIGCOM65357.2024.00032
State	Published - 2024
Event	10th International Conference on Big Data Computing and Communications, BIGCOM 2024 - Dalian, China Duration: Aug 9 2024 → Aug 11 2024

Conference

Conference	10th International Conference on Big Data Computing and Communications, BIGCOM 2024
Country/Territory	China
City	Dalian
Period	8/9/24 → 8/11/24

Keywords

Adversarial Attacks
LLM
Privacy Policy

ASJC Scopus subject areas

Artificial Intelligence
Computer Science Applications
Computer Vision and Pattern Recognition
Information Systems
Information Systems and Management
Statistics, Probability and Uncertainty
Health Informatics

Online availability

10.1109/BIGCOM65357.2024.00032

Library availability

Discover UIUC Full Text

Cite this

Joy, I, Wu, J & He, J 2024, GPT Attack for Adversarial Privacy Policies. in Proceedings - 2024 10th International Conference on Big Data Computing and Communications, BIGCOM 2024. 2024 edn, Institute of Electrical and Electronics Engineers Inc., pp. 173-180, 10th International Conference on Big Data Computing and Communications, BIGCOM 2024, Dalian, China, 8/9/24. https://doi.org/10.1109/BIGCOM65357.2024.00032

@inproceedings{ef091e04282c4897ae625b525679dc0b,

title = "GPT Attack for Adversarial Privacy Policies",

abstract = "While Machine Learning (ML) is widely used in many industries, one sector that is just beginning to leverage this technology is the legal field. Efforts like the construction of the OPP-115 Privacy Policy corpus make it possible to train Natural Language Processing (NLP) and ML models for legal use, and tools such as Polisis, Claudette, etc., which utilize these models can now provide users with descriptive annotations of various types of contracts, including Privacy Policies. However, these tools remain vulnerable to adversarial attacks, specifically adversarial legal documents, which differ from typical text based adversarial attacks due to the necessity of preserving the continuity of a legal document. Therefore, focusing on the OPP-115 corpus and Polisis specifically, we propose a framework that consists of a Doc2Vec model and a variety of shallow and deep learning methods for classification, followed by adversarial attacks on Privacy Policy segments which utilize GPT 3.5, a state-of-the-art LLM, in order to create an adversarial Privacy Policy. We evaluate the effectiveness of our method by comparing attack results to those produced by current methods, including Bert Attack and Text Fooler. Our procedure reveals not just that an attack using GPT 3.5 is an effective means of producing an adversarial policy, but that it is surprisingly easy to prompt a widely used state-of-the-art LLM to perform such a task.",

keywords = "Adversarial Attacks, LLM, Privacy Policy",

author = "Isaac Joy and Jun Wu and Jingrui He",

note = "This work is supported by the C3.ai Digital Transformation Institute. The views and conclusions are those of the authors and should not be interpreted as representing the official policies of the funding agencies or the government.; 10th International Conference on Big Data Computing and Communications, BIGCOM 2024 ; Conference date: 09-08-2024 Through 11-08-2024",

year = "2024",

doi = "10.1109/BIGCOM65357.2024.00032",

language = "English (US)",

pages = "173--180",

booktitle = "Proceedings - 2024 10th International Conference on Big Data Computing and Communications, BIGCOM 2024",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

edition = "2024",

}

TY - GEN

T1 - GPT Attack for Adversarial Privacy Policies

AU - Joy, Isaac

AU - Wu, Jun

AU - He, Jingrui

N1 - This work is supported by the C3.ai Digital Transformation Institute. The views and conclusions are those of the authors and should not be interpreted as representing the official policies of the funding agencies or the government.

PY - 2024

Y1 - 2024

N2 - While Machine Learning (ML) is widely used in many industries, one sector that is just beginning to leverage this technology is the legal field. Efforts like the construction of the OPP-115 Privacy Policy corpus make it possible to train Natural Language Processing (NLP) and ML models for legal use, and tools such as Polisis, Claudette, etc., which utilize these models can now provide users with descriptive annotations of various types of contracts, including Privacy Policies. However, these tools remain vulnerable to adversarial attacks, specifically adversarial legal documents, which differ from typical text based adversarial attacks due to the necessity of preserving the continuity of a legal document. Therefore, focusing on the OPP-115 corpus and Polisis specifically, we propose a framework that consists of a Doc2Vec model and a variety of shallow and deep learning methods for classification, followed by adversarial attacks on Privacy Policy segments which utilize GPT 3.5, a state-of-the-art LLM, in order to create an adversarial Privacy Policy. We evaluate the effectiveness of our method by comparing attack results to those produced by current methods, including Bert Attack and Text Fooler. Our procedure reveals not just that an attack using GPT 3.5 is an effective means of producing an adversarial policy, but that it is surprisingly easy to prompt a widely used state-of-the-art LLM to perform such a task.

AB - While Machine Learning (ML) is widely used in many industries, one sector that is just beginning to leverage this technology is the legal field. Efforts like the construction of the OPP-115 Privacy Policy corpus make it possible to train Natural Language Processing (NLP) and ML models for legal use, and tools such as Polisis, Claudette, etc., which utilize these models can now provide users with descriptive annotations of various types of contracts, including Privacy Policies. However, these tools remain vulnerable to adversarial attacks, specifically adversarial legal documents, which differ from typical text based adversarial attacks due to the necessity of preserving the continuity of a legal document. Therefore, focusing on the OPP-115 corpus and Polisis specifically, we propose a framework that consists of a Doc2Vec model and a variety of shallow and deep learning methods for classification, followed by adversarial attacks on Privacy Policy segments which utilize GPT 3.5, a state-of-the-art LLM, in order to create an adversarial Privacy Policy. We evaluate the effectiveness of our method by comparing attack results to those produced by current methods, including Bert Attack and Text Fooler. Our procedure reveals not just that an attack using GPT 3.5 is an effective means of producing an adversarial policy, but that it is surprisingly easy to prompt a widely used state-of-the-art LLM to perform such a task.

KW - Adversarial Attacks

KW - LLM

KW - Privacy Policy

UR - http://www.scopus.com/inward/record.url?scp=105001664653&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=105001664653&partnerID=8YFLogxK

U2 - 10.1109/BIGCOM65357.2024.00032

DO - 10.1109/BIGCOM65357.2024.00032

M3 - Conference contribution

AN - SCOPUS:105001664653

SP - 173

EP - 180

BT - Proceedings - 2024 10th International Conference on Big Data Computing and Communications, BIGCOM 2024

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 10th International Conference on Big Data Computing and Communications, BIGCOM 2024

Y2 - 9 August 2024 through 11 August 2024

ER -

GPT Attack for Adversarial Privacy Policies

Abstract

Conference

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this