Generation of Programmatic Rules for Document Forgery Detection Using Large Language Models

TL;DR

This paper explores how fine-tuned large language models can automatically generate rule-based plausibility checks to detect document forgery, aiming to improve scalability and effectiveness in security-critical environments.

Contribution

It demonstrates the feasibility of using domain-adapted LLMs to generate executable verification rules for forgery detection, reducing manual effort and enhancing scalability.

Findings

LLMs can generate effective plausibility checks

Fine-tuning improves model performance on domain-specific tasks

Models generalize to unseen forgery patterns

Abstract

Document forgery poses a growing threat to legal, economic, and governmental processes, requiring increasingly sophisticated verification mechanisms. One approach involves the use of plausibility checks, rule-based procedures that assess the correctness and internal consistency of data, to detect anomalies or signs of manipulation. Although these verification procedures are essential for ensuring data integrity, existing plausibility checks are manually implemented by software engineers, which is time-consuming. Recent advances in code generation with large language models (LLMs) offer new potential for automating and scaling the generation of these checks. However, adapting LLMs to the specific requirements of an unknown domain remains a significant challenge. This work investigates the extent to which LLMs, adapted on domain-specific code and data through different fine-tuning strategies, can generate rule-based plausibility checks for forgery detection on constrained hardware resources. We fine-tune open-source LLMs, Llama 3.1 8B and OpenCoder 8B, on structured datasets derived from real-world application scenarios and evaluate the generated plausibility checks on previously unseen forgery patterns. The results demonstrate that the models are capable of generating executable and effective verification procedures. This also highlights the potential of LLMs as scalable tools to support human decision-making in security-sensitive contexts where comprehensibility is required.