{"id":"https://openalex.org/W7148525494","doi":"https://doi.org/10.48550/arxiv.2604.00387","title":"RAGShield: Detecting Numerical Claim Manipulation in Government RAG Systems","display_name":"RAGShield: Detecting Numerical Claim Manipulation in Government RAG Systems","publication_year":2026,"publication_date":"2026-04-01","ids":{"openalex":"https://openalex.org/W7148525494","doi":"https://doi.org/10.48550/arxiv.2604.00387"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.00387","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00387","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.00387","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5132829811","display_name":"KrishnaSaiReddy Patil","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Patil, KrishnaSaiReddy","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5132829811"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.6633999943733215,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.6633999943733215,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.07509999722242355,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.029600000008940697,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.5654000043869019},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.5609999895095825},{"id":"https://openalex.org/keywords/knowledge-base","display_name":"Knowledge base","score":0.5406000018119812},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.4772999882698059},{"id":"https://openalex.org/keywords/contradiction","display_name":"Contradiction","score":0.45239999890327454},{"id":"https://openalex.org/keywords/government","display_name":"Government (linguistics)","score":0.3806999921798706},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.35910001397132874},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.3422999978065491}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7303000092506409},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.682699978351593},{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.5654000043869019},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.5609999895095825},{"id":"https://openalex.org/C4554734","wikidata":"https://www.wikidata.org/wiki/Q593744","display_name":"Knowledge base","level":2,"score":0.5406000018119812},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.4772999882698059},{"id":"https://openalex.org/C2776728590","wikidata":"https://www.wikidata.org/wiki/Q363948","display_name":"Contradiction","level":2,"score":0.45239999890327454},{"id":"https://openalex.org/C2778137410","wikidata":"https://www.wikidata.org/wiki/Q2732820","display_name":"Government (linguistics)","level":2,"score":0.3806999921798706},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.35910001397132874},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3483999967575073},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.3422999978065491},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.33009999990463257},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.3255999982357025},{"id":"https://openalex.org/C176329583","wikidata":"https://www.wikidata.org/wiki/Q191943","display_name":"Zero-knowledge proof","level":3,"score":0.3215000033378601},{"id":"https://openalex.org/C2993995455","wikidata":"https://www.wikidata.org/wiki/Q3150005","display_name":"Legal document","level":2,"score":0.30379998683929443},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.2992999851703644},{"id":"https://openalex.org/C199776023","wikidata":"https://www.wikidata.org/wiki/Q202875","display_name":"Negotiation","level":2,"score":0.29179999232292175},{"id":"https://openalex.org/C60643870","wikidata":"https://www.wikidata.org/wiki/Q1949683","display_name":"Deterrence theory","level":2,"score":0.27410000562667847},{"id":"https://openalex.org/C108713360","wikidata":"https://www.wikidata.org/wiki/Q1824206","display_name":"Supply chain","level":2,"score":0.26910001039505005},{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.26010000705718994}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.00387","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00387","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.00387","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00387","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.5597890019416809,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Retrieval-Augmented":[0],"Generation":[1],"(RAG)":[2],"systems":[3],"are":[4],"deployed":[5],"across":[6],"federal":[7],"agencies":[8],"for":[9],"citizen-facing":[10],"tax":[11,42],"guidance,":[12],"benefits":[13],"eligibility,":[14],"and":[15,60,104,128],"legal":[16],"information,":[17],"where":[18],"a":[19,36,41,98,133],"single":[20],"incorrect":[21],"number":[22],"causes":[23],"direct":[24],"financial":[25],"harm.":[26],"This":[27],"paper":[28],"proves":[29],"that":[30,82,147],"all":[31],"embedding-based":[32,174],"RAG":[33],"defenses":[34,175],"share":[35],"fundamental":[37],"blind":[38,71],"spot:":[39],"changing":[40],"deduction":[43],"by":[44,92],"$50,000":[45],"produces":[46],"cosine":[47],"similarity":[48],"0.9998,":[49],"invisible":[50],"to":[51,112],"every":[52,130,165],"known":[53,150],"detection":[54,122],"threshold.":[55],"Across":[56],"174":[57],"manipulation":[58],"pairs":[59],"two":[61],"embedding":[62],"models,":[63],"the":[64,138,179],"mean":[65],"sensitivity":[66],"gap":[67],"is":[68,73,81],"1,459x.":[69],"The":[70],"spot":[72],"confirmed":[74],"on":[75,94,123],"real":[76,125,159],"IRS":[77,126,160],"documents.The":[78],"root":[79],"cause":[80],"embeddings":[83],"encode":[84],"topic,":[85],"not":[86],"numerical":[87],"precision.":[88],"RAGShield":[89,163],"sidesteps":[90],"this":[91],"operating":[93],"extracted":[95],"values":[96],"directly:":[97],"pattern-based":[99],"engine":[100],"identifies":[101],"dollar":[102],"amounts":[103],"percentages":[105],"in":[106],"government":[107,151],"text,":[108],"links":[109],"each":[110],"value":[111,145],"its":[113],"governing":[114],"entity":[115,121],"through":[116],"two-pass":[117],"context":[118],"propagation":[119],"(99.8%":[120],"2,742":[124],"passages),":[127],"verifies":[129],"claim":[131],"against":[132],"cross-source":[134],"registry":[135],"built":[136],"from":[137,158],"corpus":[139],"itself.":[140],"A":[141],"temporal":[142],"tracker":[143],"flags":[144],"changes":[146],"fall":[148],"outside":[149],"update":[152],"schedules.":[153],"On":[154],"430":[155],"attacks":[156],"generated":[157],"document":[161],"content,":[162],"detects":[164],"one":[166],"(0.0%":[167],"ASR,":[168],"95%":[169],"CI":[170],"[0%,":[171],"1%])":[172],"while":[173],"miss":[176],"79-90%":[177],"of":[178],"same":[180],"attacks.":[181]},"counts_by_year":[],"updated_date":"2026-04-08T06:01:36.053099","created_date":"2026-04-03T00:00:00"}