Intuitive or Dependent? Investigating LLms’ Robustness to Conflicting Prompts

Role instructions and real-world application

Role instruction denotes a special instruction in the prompt to change LLMs' behavior to align with human needs, e.g., "As an academic writing assistant,", which is commonly used in real-world applications (As reviewer WVwf mentioned). For instance, users frequently employ prompts such as "You are a helpful assistant" when seeking assistance from ChatGPT. This role instruction is shown as a demonstrative example in OpenAI's documentation[4].

In our work, (Mentioned in Section 3.6) we use two distinct role prompts to steer the models into specific decision-making pathways: Dependent Role: In this intervention, the model is furnished with a role prompt that asks it to prioritize information solely from the external prompt when generating answers. Intuitive Role: Contrary to the dependent role, this role prompt is designed to push the model towards relying predominantly on its intrinsic memory. (Prompt is shown in Appendix B.4). We want to change the model's inner preference by deploying such instructions. These two prompts are also practical. Taking retrieval augmented LLMs as an example, the retrieval results will be the context and the context may contain the newest information that the model does have. In that case, we expect to use the dependent role instruction to help the model utilize the context.

Golden and negative contexts constructed and application scenarios for factual robustness

The golden/positive contexts are provided in existing datasets, which contain the factual knowledge/commonsense knowledge to answer the question. Negative contexts are modified from positive contexts by corrupting the answer information. Specifically, we employ ChatGPT to replace the answer information in the positive context with the incorrect information for each sample in SQuAD and MuSiQue, For each example in ECQA and e-CARE, we use ChatGPT to generate an explanation for the negative answer as the negative context. The detailed prompt and case are shown in Appendix B.1 (More detailed in Section 2).

Hallucination[5] remains one of the most significant challenges facing Large Language Models. Current research approaches, such as retrieval-augmented methods [6]and tool-augmented techniques[7], aim to mitigate this by prompting models with retrieval results and tool responses (For example, openAI has published plugins to implement on ChatGPT, with which model can help to search on the google to seek for information). However, these retrieval results can introduce conflict (the model lacks/has wrong memory, while the prompt is correct) and sometimes introduce noise or incorrect information. The model's uncertain behavior toward the input prompt may lead to low-quality responses. Our work focuses on models' robustness (factual and decision style) in these conflict situations. By systematically analyzing the robustness of the model we can make this uncertainty clearer thus paving the way to solve hallucination.

[4]demonstrative example for role instruction https://platform.openai.com/docs/guides/text-generation/chat-completions-api

[5] Rawte, Vipula, Amit Sheth, and Amitava Das. "A survey of hallucination in large foundation models." arXiv preprint arXiv:2309.05922 (2023).

[6] Shuster, Kurt, et al. "Retrieval augmentation reduces hallucination in conversation." arXiv preprint arXiv:2104.07567 (2021).

[7]Schick, Timo, et al. "Toolformer: Language models can teach themselves to use tools." arXiv preprint arXiv:2302.04761 (2023).

Thank you for your detailed response. Here is the response to your questions

The guidance and the number of human evaluators setting

Due to the time and cost limitations, we consider 12 hand-crafted prompts written by 4 individuals. We try our best to guide the annotators to provide high-quality instructions. In specific, we initially delineated two distinct semantic spaces to guide the instruction creation process. The first set of instructions was designed to elicit model responses without specifying a preference towards the context. The second set contained hints, prompting the model to judiciously evaluate the quality of the context before answering the questions. These instructions are shown in the appendix of our paper.

Regarding the human evaluation aspect, employing four human evaluators is in line with recent practices in LLM evaluation studies [1] [2]. The quality of the constructed dataset is quite high from our human evaluation result shown in the Appendix.

Decision style, instructing a role, why are they connected to the main theme?

We make it clear why decision style and role instruction are connected to the main theme. Please refer to the general response.

Motivation of involving negative and positive context, in-context learning, and decision-making

1.Our research primarily focuses on the robustness of Large Language Models in scenarios where there is a conflict between the input context and the model's memory. To effectively construct these conflict scenarios, we deliberately involve both negative and golden/positive contexts (where negative contexts point to the negative answer while the golden/positive context points to the correct answer), which allows us to simulate situations where LLMs might receive conflicting information. (Refer to the general response for more explaintion for the motivation)

2.In-context learning, in the field of language models like GPT-3, refers to the model's ability to learn and perform tasks based on a few examples provided in its prompt [3]. In-context example is an important part of the prompt, to systematically evaluate robustness we involved this component to guarantee completeness.

3.The motivations of decision style analysis are: 1). To systemically analyze the preferences models enables us to get insights into the models’ behavioral inclinations. Then we can strategically influence and modify these internal preferences to measure their adaptively and thereby exert control over the model's external performance and get the upper bound of it. 2). From a practical perspective, sometimes the conflict between memory and prompts is not related to correctness. That is, both are correct, and it is just about how the models make decisions, e.g., recommendations. Still, this is also important as we want the model's behavior consistent and predictable. 3) Instructing LLMs to play a specific role is commonly used, while there is no quantitative analysis. We are to fill in this research blank. (For more contribution in this aim, please refer to general response).

The use of frequency-based assessments

Our contribution is 1. We highlight two kinds of robustness which are all practical in read-world scenarios and 2. Provide a systematic evaluation framework to evaluate the two robustness under conflict. 3.We measure models’ adaptability in role-playing. This aspect of adaptability is particularly crucial, given the growing popularity of role play as a method to direct model behavior, yet it has not been quantitatively assessed before. And also get the upper bound for each model. 4. We have conducted a lot of experiments and got interesting findings.

[1] Zeng, Zhiyuan, et al. "Evaluating large language models at evaluating instruction following." arXiv preprint arXiv:2310.07641 (2023).

[2] Chiang, Cheng-Han, and Hung-yi Lee. "Can Large Language Models Be an Alternative to Human Evaluations?." arXiv preprint arXiv:2305.01937 (2023).

[3] How does in-context learning work? A framework for understanding the differences from traditional supervised learning http://ai.stanford.edu/blog/understanding-incontext/

Dear reviewer:

Thank you for your careful comments again. Since today marks the final day of discussion, we kindly request once again for your feedback and comments. As shown in your comment "I am willing to raise the score for further explanations.", we sincerely look forward to your further feedback. If you find that our responses have effectively addressed your concerns, can you give us feedback? Your feedback is crucial to us. We apologize for any inconvenience caused.

Thanks for your comprehensive review. Here are the responses on the questions

The university of the findings

Our main contribution lies in the proposed evaluation framework and the findings are also universally applicable. First, we consider the task-solving scenario without preference intervention, which targets the ability of LLMs only. For fairness, we have conducted an instruction selection process (Section 3.3) (Section 3.3) to select instructions from a substantial, non-preferential instruction set within the KRE dataset for each model. This evaluation process ensures the reliability of the two robustness scores — factual robustness and decision-making style.

Taking the above results as basic scores (original scores), we explore whether can change this internal preference, we implement role-play interventions (a practical method in the real world, where people usually instruct LLMs with specific roles). This advanced step enables us to measure models’ adaptability in role-playing which is a crucial aspect. Further, we analyze how this inner change affects the factual robustness. As you mentioned there are variances for VR and RR under specific role instruction. It's important to note that these variances do not solely reflect the model's robustness. For example, to some extreme, the model achieves 100 on VR under the intuitive role instruction does not necessarily indicate a model's superior capability to discern incorrect information in the prompt.

In conclusion, the changing scores are based on different scenarios; meanwhile, we want to highlight the importance of such a quantitative evaluation framework for robustness adaptability, and upper bound(Refer to the general response for detailed contributions.).

For the use of the role play interventions

Our unique contribution lies in quantitatively assessing the adaptability of these models in such role-playing scenarios and proposing the upper-bound metric using role play instruction. This aspect of adaptability is particularly crucial, given the growing popularity of role play as a method to direct model behavior, yet it has not been quantitatively assessed before.

We have done the experiments when the context is omitted — the memory assessment (Section 3.2). It is more of an 'intuitive role' indeed. However, it is also meaningful to consider contexts even if instructing asks to overlook them. Taking retrieval augmented LLMs as an example, the retrieval results will be the context and the context can be noisy. In that case, we expect the model's ability to ignore the context. Our proposed evaluation framework is to testify such ability quantitatively, rather than highlighting the role play method itself.

Dear reviewer:

Thank you for your careful comments again. Since today marks the final day of discussion, we kindly request once again for your feedback and comments. As shown in your comment "I am willing to raise the score for further explanations.", we sincerely look forward to your further feedback. If you find that our responses have effectively addressed your concerns, can you give us feedback? Your feedback is crucial to us. We apologize for any inconvenience caused.

Thanks for your suggestions. Here is our response to each question.

For the confusion about the notation:

Can you explain which notations are confusing?

The meaning of the "high-quality"

"To ensure high quality, our knowledge robustness evaluation dataset (KRE) dataset extends existing machine reasoning comprehension (MRC) and commonsense reasoning (CR) datasets by automatically generating conflicting cases." Here high quality pointed at the quality of the data sample, including whether the question is rational, and whether the given answer corresponds to the question.

The definition of commonsense and factual knowledge

Commonsense knowledge[1], in the context of artificial intelligence, consists of facts about the everyday world that all humans are expected to know. Examples include basic truths like "Lemons are sour" or "Cows say moo". The question about commonsense knowledge requires the interpretation of everyday situations and understanding of the general beliefs about the world.

On the other hand, Factual knowledge refers to information that is based on real, objective facts and evidence. For example the Historical Facts: "The American Civil War lasted from 1861 to 1865." This type of knowledge is often found in encyclopedias, textbooks, and scientific publications. The questions about factual knowledge are focused on seeking specific, evidence-backed information.

In our study, we have selected two Machine Reading Comprehension (MRC) datasets that are based on Wikipedia contexts. This choice is deliberate, as Wikipedia's content which are commonly used as factual knowledge, makes these datasets suitable for testing factual knowledge. Conversely, the chosen Commonsense Reasoning (CR) datasets are inherently designed to test commonsense knowledge.

Explain for the "adversarial prompts"

Here "adversarial prompts" in our paper refer to negative context. That is, we try to introduce a piece of conflicting information in the prompt. We understand that adversarial prompts are well-known in other fields. We will remove it and keep our terms consistent.

Interpretation for the result " LMs prioritize the prompts with factual knowledge more than with commonsense knowledge"

Our findings indicate a notable trend (shown in Figure 3): in the MRC dataset, where the input context is factual knowledge, the tested models exhibited higher RR and lower VR compared to RC. A higher RR score indicates that the models benefitted more from the addition of factual knowledge in the MRC task contexts. Conversely, a lower VR score suggests that the models are more influenced by the negative prompts. Thus, we conclude that the baseline models can better utilize factual knowledge than commonsense knowledge from prompt contexts.

The interpretation of Figures 2 and 3

We have modified Figures 2, and 3 to make it clearer in our new edition. For Figure 2 (Figure 3 in the revised paper) presents VR and RR together, where the solid bar denotes VR and the dashed bar denotes RR. Both denote more robust models if have longer bars. We put them together because we can also illustrate the overall robustness — the total length of solid and dashed bars. To make them clearer, we increased the font size of the legend and the label.

Figure 3 (Figure. 4 in the revised paper) explores the impacts of hints in the prompts — if we can improve the model's robustness by giving some hints about the context of the prompt (details in Section 2). First, we can see, from the lines, that neither ChatGPT nor Vicuna showcases any substantial improvements. Second, we use bars to delve into the reason. With prompt hints, although the negative answers (light green bars) decrease, there are more invalid answers (dark green bars), which offsets the improvements.

[1] https://en.wikipedia.org/wiki/Commonsense_knowledge_(artificial_intelligence)

For the issue of the sentence "Interestingly, LLaMA the only one that aligns with the Rational Style"

It is a writing error, we have corrected it in the new edition.

Explaination for the "God’s-eye view" instructions

We have deleted the term God-'s eye view instruction in the revised paper for clarity. The instruction is to play an intuitive role when the model has correct memory, and a dependent role when has no correct memory.

Motivation of doing decision style analysis

The motivations of decision style analysis are:

1.To systemically analyze the preferences models enables us to get insights into the models’ behavioral inclinations. Then we can strategically influence and modify these internal preferences to measure their adaptively and thereby exert control over the model's performance.

2.From a practical perspective, sometimes the conflict between memory and prompts is not related to correctness. That is, both are correct, and it is just about how the models make decisions, e.g., recommendations. Still, this is also important as we want the model's behavior consistent and predictable.

3.Instructing LLMs to play a specific role is commonly used, while there is no quantitative analysis. We are to fill in this research blank. (For more contributions to this aim, please refer to the general response).

Dear reviewer: Thank you for your careful comments again. Since today marks the final day of discussion, we kindly request once again for your feedback and comments. As shown in your comment "I am willing to raise the score for further explanations.", we sincerely look forward to your further feedback. If you find that our responses have effectively addressed your concerns, can you give us feedback? Your feedback is crucial to us. We apologize for any inconvenience caused.