Hard problems that reduce to document ranking(noperator.dev) |
Hard problems that reduce to document ranking(noperator.dev) |
Reducing problems to document ranking is effectively a type of test-time search - also very interesting!
I wonder if this approach could be combined with GRPO to create more efficient chain of thought search...
https://github.com/BishopFox/raink?tab=readme-ov-file#descri...
The LLM companies work on the LLMs, while tens of thousands of startups and established companies work on applying what already exists.
It's not either/or.
I am trying to grok why we want to find the fix - is it to understand what was done so we can exploit unpatched instances in the wild?
Also also
“identifying candidate functions for fuzzing targets“ - if every function is a document I get where the list of documents is, what what is the query - how do I say “find me a function most suitable to fuzzing”
Apologies if that’s brusque - trying to fit new concepts in my brain :-)
Maybe you even use the LLM to find vulnerable snippets at the beginning, but a multi class classifier or embedding model will be way better at runtime.
awesome-generative-information-retrieval > Re-ranking: https://github.com/gabriben/awesome-generative-information-r...
How'd it perform compared to listwise?
Also curious about whether you tried schema-based querying to the llm (function calling / structured output). I recently tried to have a discussion about this exact topic with someone who posted about pairwise ranking with llms.
https://lobste.rs/s/yxlisx/llm_sort_sort_input_lines_semanti...
Should be "document ranking reduces to these hard problems",
I never knew why the convention was like that, it seems backwards to me as well, but that's how it is.
At least bother to read the discussion in the sibling comments.
I don't think you understand what is being talked about here.
If data is the issue you can probably even generate vulnerabilities to create a synthetic dataset.
With enough data, you could train a classic ml model, or you could keep the llm in the inference pipeline, but is there another way?
1. Train an embedding model which forces “similar” inputs close together using triplet loss. Here “similar” can mean anything, but you would probably want to mark similar vulnerabilities as being similar.
2. If you have a fixed set of N vulnerabilities you can train a multi class classifier. Of course it’s a pain in the ass to add a new class later on.
3. For any particular vulnerability you could train a ranking model using hinge loss. This is what most industrial ranking and recommendation systems do.
Say you have a problem that you know reasonably well (A-type) and another one that you're studying (B-type), intuitively, you'd say "If I transform B to A and I know the solution to A, then I solved B" but what you actually need to do is to transform A to B, this is called "reducing A to B", for some reason, and then you can say things like "B is at least as complex as A" and "I can solve some instances of B the way I solve the general case of A".
This doesn't really apply here since neither the "hard problems" TFA mentions nor "document ranking" are canonical problems that you would typically use in these proofs, but since he's borrowing the term from this part of CS I wanted to make that remark on its proper use. Hence why I wrote "minor nitpick".
The reduce operation that you mentioned doesn't make sense within the context of the article.
The article takes for granted that LLM-driven listwise comparisons efficiently solve document ranking (problem B), and then shows this can also be used as a subroutine to solve various hard problems like vulnerability analysis (problems A) efficiently.
If A reduces to B, it means that B is at least as hard as A.
This is the standard terminology in every theoretical computer science; see for example the DPV textbook on page 210: https://github.com/eherbold/berkeleytextbooks/blob/master/Al...
Do you have something to add or is it just ... a confirmation?
Weird.
> If A reduces to B, it means that an algorithm implementing B can be used (with some pre- and post-processing) to solve A.
Here we say that that we can solve a "hard problem" if we can express it in terms of the "Document Ranking" problem.
Let's rewrite that quoted sentence:
An algorithm implementing "Document Ranking" can be used (with some pre- and post-processing) to solve "Hard problem".
Let's do substitution in the first part of the sentence, "If A reduces to B", where A is "hard problem" and B is "Document Ranking":
Hard problem reduces to Document Ranking.
That means EXACTLY that we can USE Document Ranking to SOLVE the Hard Problem. Just as we wanted.
moralestapia: If I transform B to A and I know the solution to A, then I solved B.
Ar-Curunir: If A reduces to B, it means that B is at least as hard as A.
moralestapia: [...] B is at least as complex as A
Can you even read?
I wouldn't have wrote that sentence to introduce people to reduction, because it misses a very important property of the operation that changes the whole thing. That sentence could lead you to think that reducing A <= B is the same as reducing B <= A, which is not always true. To see why, try to understand [1].
There's a reason why the reduction equivalence classes form a preorder, as stated on the Wikipedia page you quoted.
The article indeed argues that solving n-day vulnerability discovery is no harder than document ranking. It does not argue that document ranking is no harder than n-day discovery, because it assumes that most people already would assume that; nor does it set out to disprove it.
My reasoning goes along this line, which of the following two sentences you think is more likely to be true?
A. All n-day vulnerability discovery problems can be mapped to a document rerank problem.
or
B. Some n-day vulnerability discovery problems can be mapped to a document rerank problem.
I lean towards B, without any proof for it. Hence why I think the correct way is to reduce reranks into n-days (and all the other "hard problems").
If you think A is true, you still have to show that all reranks can be reduced to n-days, to be rigorous and able to say that your proposed algorithm works in both domains.
In the end it could be that both alternatives are equivalent, but it's easier to just say "reranks can be reduced to n-days" and because of this "some n-days can be adequately solved by my algorithm that works in reranks".
A does not require demonstrating doc-rank problems map to n-day problems, since reduction isn’t required to be symmetric.
Where you might be getting caught up is in the mapping of problems vs the mapping of solutions. “Nday reduces to docrank” implies we can turn every nday problem into a docrank problem, and every docrank solution into an nday solution, but does not say anything about whether we can turn docrank problems into nday problems, or nday solutions into docrank solutions.
I agree.
>A does not require demonstrating doc-rank problems map to n-day problems
Of course you have to, that's pretty much the whole operation of reducing A to B. You may be doing it implicitly but you're doing it for sure.
>since reduction isn’t required to be symmetric
That's exactly my point. A <= B is not necessarily the same as B <= A, even though in some cases, at a first glance, it seems to be the case. Your choice of which one is A or B will change how you construct whatever proof you want to come up with.
I would choose to do "reduce rerank to n-day (and all others)", because it feels like it would be easier down the road, but also because one typically reduces the problem that one knows best (more general, known bounds solutions, etc...) into the one that you're studying. That's why I wrote "minor nitpick".
Think about the textbook example of 3-SAT and all other problems it reduces to: clique, vertex cover, independent set, ... one does not reduce these problems into 3-SAT, it's the other way around. That doesn't mean you couldn't, some of them may have an complete equivalences to 3-SAT, but it's just easier to work out everything if you go from 3-SAT to the rest. My argument is the same, rerank is the thing that you reduce to all others.
But the article isn’t mapping docrank to nday, nor is it claiming to reduce docrank to nday. Its choice of A and B is clear.
Nday didn’t have an understood solution to leverage like docrank did.
> one typically reduces the problem that one knows best (more general, known bounds solutions, etc...) into the one that you're studying
Wikipedia: “”” There are two main situations where we need to use reductions:
First, we find ourselves trying to solve a problem that is similar to a problem we've already solved. In these cases, often a quick way of solving the new problem is to transform each instance of the new problem into instances of the old problem, solve these using our existing solution, and then use these to obtain our final solution. This is perhaps the most obvious use of reductions. “””
This is what the article does, reducing the new nday problem into the known docrank one.
“”” Second: suppose we have a problem that we've proven is hard to solve, and we have a similar new problem. We might suspect that it is also hard to solve. We argue by contradiction: suppose the new problem is easy to solve. Then, if we can show that every instance of the old problem can be solved easily by transforming it into instances of the new problem and solving those, we have a contradiction. This establishes that the new problem is also hard. “””
This is your ‘transform A to B, this is called "reducing A to B", for some reason, and then you can say things like "B is at least as complex as A" and "I can solve some instances of B the way I solve the general case of A’. “Nday discovery is at least as complicated as document ranking” is obvious, though, which is why it’s not the subject of a blog post.
Hence why you do docrank reduced to n-day. You typically map known into unknown. That's the point I'm trying to make.
I'm not saying the alternative is wrong, though, it's just not what one usually does.
(btw, even though this format makes everything look confrontative, I'm actually enjoying this thread a lot :D)