EcoSafeRAG: Efficient Security through Context Analysis in Retrieval-Augmented Generation

TL;DR

EcoSafeRAG enhances the security of Retrieval-Augmented Generation by analyzing context diversity at the sentence level to detect malicious content, improving safety without relying on internal model knowledge.

Contribution

EcoSafeRAG introduces a novel sentence-level context analysis method for RAG security, enabling effective detection of malicious content without internal model reliance.

Findings

Achieves state-of-the-art security in RAG systems.

Maintains low latency and reduces token usage.

Improves safety while preserving performance.

Abstract

Retrieval-Augmented Generation (RAG) compensates for the static knowledge limitations of Large Language Models (LLMs) by integrating external knowledge, producing responses with enhanced factual correctness and query-specific contextualization. However, it also introduces new attack surfaces such as corpus poisoning at the same time. Most of the existing defense methods rely on the internal knowledge of the model, which conflicts with the design concept of RAG. To bridge the gap, EcoSafeRAG uses sentence-level processing and bait-guided context diversity detection to identify malicious content by analyzing the context diversity of candidate documents without relying on LLM internal knowledge. Experiments show EcoSafeRAG delivers state-of-the-art security with plug-and-play deployment, simultaneously improving clean-scenario RAG performance while maintaining practical operational costs (relatively 1.2$\times$ latency, 48\%-80\% token reduction versus Vanilla RAG).