SafeReview: Defending LLM-based Review Systems Against Adversarial Hidden Prompts

Date: 2026-04-29
Citations: 0
Influential: 0

AI Summary
This work addresses the vulnerability of large language models (LLMs) in academic peer review to embedded adversarial prompt attacks, which can compromise the fairness and integrity of the review process. The authors propose the first dynamic adversarial training mechanism tailored for LLM-based reviewing systems, introducing a co-evolutionary adversarial framework that jointly optimizes a generator and a defender. This framework leverages a joint loss function inspired by information retrieval-based generative adversarial networks (IR-GANs) to drive continuous co-adaptation between the two components. Empirical results demonstrate that the proposed approach substantially outperforms static defense strategies, exhibiting superior robustness and adaptability in detecting stealthy attacks and generalizing to both novel and evolving adversarial examples.
Abstract
As Large Language Models (LLMs) are increasingly integrated into academic peer review, their vulnerability to adversarial prompts -- adversarial instructions embedded in submissions to manipulate outcomes -- emerges as a critical threat to scholarly integrity. To counter this, we propose a novel adversarial framework where a Generator model, trained to create sophisticated attack prompts, is jointly optimized with a Defender model tasked with their detection. This system is trained using a loss function inspired by Information Retrieval Generative Adversarial Networks, which fosters a dynamic co-evolution between the two models, forcing the Defender to develop robust capabilities against continuously improving attack strategies. The resulting framework demonstrates significantly enhanced resilience to novel and evolving threats compared to static defenses, thereby establishing a critical foundation for securing the integrity of peer review.
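The summary and abstract above describe the framework only at the architecture level (a Generator and a Defender jointly optimised with an IRGAN-inspired loss). The following is an added toy illustration of that co-evolution loop; it is not the paper's code and makes several simplifying assumptions: the Generator is a softmax policy that selects among a fixed, constructed pool of candidate feature vectors rather than producing prompt text, the Defender is a two-feature logistic regression, and the loss pairing follows the IRGAN pattern as published by Wang et al. (2017): the Defender minimises cross-entropy on clean versus Generator-sampled items, while the Generator maximises its expected reward log(1 - D(x)) with REINFORCE. The feature meanings and all data points are constructed for the example.

```python
"""Toy IRGAN-style Generator/Defender co-evolution for a hidden-prompt detector.

Constructed example, not the paper's code. The Generator is a softmax policy
over a fixed pool of candidate feature vectors (no prompt text is generated);
the Defender is a logistic regression; the two are updated in alternation.
"""
import math
import random

# Constructed 2-d features per submission, e.g. (rate of instruction-like
# phrasing aimed at a reviewer, share of invisible or white-on-white text).
# Clean submissions sit near the origin; the pool runs from blatant to stealthy.
CLEAN = [(0.10, 0.10), (0.20, 0.00), (0.00, 0.20), (0.15, 0.10),
         (0.05, 0.05), (0.20, 0.20), (0.10, 0.00), (0.00, 0.10)]
ATTACK_POOL = [(2.0, 2.0), (1.8, 1.5), (1.5, 1.8),   # blatant
               (1.0, 1.0), (0.6, 0.5), (0.4, 0.3)]   # increasingly stealthy


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


class Defender:
    """Logistic regression: D(x) = P(hidden prompt | features x)."""

    def __init__(self):
        self.w = [0.0, 0.0]
        self.b = 0.0

    def score(self, x):
        return sigmoid(self.w[0] * x[0] + self.w[1] * x[1] + self.b)

    def step(self, clean, sampled, lr):
        # One gradient step on binary cross-entropy: clean -> label 0,
        # Generator-sampled attack candidates -> label 1 (the IRGAN pairing).
        batch = [(x, 0.0) for x in clean] + [(x, 1.0) for x in sampled]
        gw, gb = [0.0, 0.0], 0.0
        for x, y in batch:
            d = self.score(x) - y          # dLoss/dlogit for the logistic loss
            gw[0] += d * x[0]
            gw[1] += d * x[1]
            gb += d
        n = len(batch)
        self.w[0] -= lr * gw[0] / n
        self.w[1] -= lr * gw[1] / n
        self.b -= lr * gb / n


class Generator:
    """Softmax policy over the candidate pool; learns which candidates evade D."""

    def __init__(self, n):
        self.theta = [0.0] * n             # uniform over the pool at start

    def probs(self):
        m = max(self.theta)                # max-subtraction keeps exp() stable
        e = [math.exp(t - m) for t in self.theta]
        s = sum(e)
        return [v / s for v in e]

    def sample(self, k, rng):
        return rng.choices(range(len(self.theta)), weights=self.probs(), k=k)

    def step(self, idxs, rewards, lr):
        # REINFORCE with a mean-reward baseline; for a softmax policy
        # d log p(i) / d theta_j = 1[j == i] - p_j.
        p = self.probs()
        baseline = sum(rewards) / len(rewards)
        for i, r in zip(idxs, rewards):
            adv = r - baseline
            for j in range(len(self.theta)):
                self.theta[j] += lr * adv * ((1.0 if j == i else 0.0) - p[j])


def train(rounds=300, batch=8, seed=0):
    """Alternate Defender and Generator updates; return both trained models."""
    rng = random.Random(seed)
    D, G = Defender(), Generator(len(ATTACK_POOL))
    for _ in range(rounds):
        idxs = G.sample(batch, rng)
        sampled = [ATTACK_POOL[i] for i in idxs]
        D.step(CLEAN, sampled, lr=0.5)
        # Generator reward: log-probability of slipping past the current Defender.
        rewards = [math.log(max(1.0 - D.score(x), 1e-9)) for x in sampled]
        G.step(idxs, rewards, lr=0.2)
    return D, G


def summarize(D, G):
    """Numbers a practitioner would inspect after training."""
    return {
        "clean_mean": sum(D.score(x) for x in CLEAN) / len(CLEAN),
        "blatant": D.score(ATTACK_POOL[0]),
        "stealthy": D.score(ATTACK_POOL[-1]),
        "generator_probs": G.probs(),
    }


if __name__ == "__main__":
    D, G = train()
    for key, value in summarize(D, G).items():
        print(key, value)
```

What the loop exhibits is the "dynamic" property the abstract contrasts with static defenses: as soon as the Defender learns to flag the blatant candidates, the Generator's reward shifts its sampling mass toward the stealthy end of the pool, and the Defender is then trained on exactly those harder cases instead of the original distribution. A static detector trained once on the initial uniform samples would never see that shift.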
Problem

Research questions and friction points this paper is trying to address.

adversarial prompts
LLM-based review systems
peer review integrity
hidden prompt attacks
scholarly integrity
Innovation

Methods, ideas, or system contributions that make the work stand out.

adversarial prompts
LLM-based review systems
generative adversarial training
dynamic co-evolution
defender-generator framework