In the peer review process of top-tier machine learning (ML) and artificial intelligence (AI) conferences, reviewers are assigned to papers through automated methods. These assignment algorithms consider two main factors: (1) reviewers' expressed interests indicated by their bids for papers, and (2) reviewers' domain expertise inferred from the similarity between the text of their previously published papers and the submitted manuscripts. A significant challenge these conferences face is the existence of collusion rings, where groups of researchers manipulate the assignment process to review each other's papers, providing positive evaluations regardless of their actual quality. Most efforts to combat collusion rings have focused on preventing bid manipulation, under the assumption that the text similarity component is secure. In this paper, we demonstrate that even in the absence of bidding, colluding reviewers and authors can exploit the machine learning based text-matching component of reviewer assignment used at top ML/AI venues to get assigned their target paper. We also highlight specific vulnerabilities within this system and offer suggestions to enhance its robustness.

翻译：在顶级机器学习（ML）与人工智能（AI）会议的同行评审过程中，审稿人通过自动化方法分配给论文。这些分配算法主要考虑两个因素：（1）审稿人通过对论文投标所表达的兴趣偏好；（2）通过审稿人既往发表论文与投稿稿件之间的文本相似度推断其领域专长。此类会议面临的一个重大挑战是合谋圈的存在，即研究人员群体通过操纵分配流程来相互评审论文，无论实际质量如何均给予正面评价。目前大多数针对合谋圈的防范措施都集中于阻止投标操纵，其前提假设是文本相似度匹配环节是安全的。本文证明，即使在没有投标的情况下，合谋的审稿人与作者仍可利用顶级ML/AI会议采用的基于机器学习的审稿人分配系统中的文本匹配组件，成功获取目标论文的评审权。我们同时揭示了该系统中的具体安全漏洞，并提出了增强系统鲁棒性的改进建议。