Stringhini’s open-source tool helps peer reviewers catch hallucinated citations
by A.J. Kleber
Technological advancement can bring significant improvements to our lives and work, but it is inevitably accompanied by fresh challenges as well. By now, the issue of so-called “AI slop,” low-quality digital content which proliferates rapidly and in significant quantities, is well-known, as social media feeds and search results fill up with dubiously-sourced information and bland reiterations of the same imagery and ideas. Perhaps even more concerning are the errors, termed “hallucinations,” which can occur when an ever-helpful AI agent generates a plausible response to an inquiry that, although it sounds right and may even draw from reputable material, is ultimately a fabrication. Distinguishing between the factual and the merely plausible is becoming a concern across all facets of society, and even the experts who develop and research AI and machine learning theory and technology are not exempt.
Associate Professor Gianluca Stringhini (ECE) is a respected authority on a variety of forms of online misinformation, malicious activity, and systems security, though the problems he works to address often originate more directly with human culprits. While serving as Program Chair for the Annual Computer Security Applications Conference (ACSAC) in 2025, he began to notice a growing problem: the conference paper submissions were riddled with fabricated citations. Submissions are also increasing exponentially. It’s a combination of factors which makes an overwhelming amount of work for the traditional peer review process, which all scientific and scholarly fields have relied on to uphold standards of quality and integrity.
Tech solutions to tech problems?
In an attempt to address this predicament, Stringhini built a tool which automates some of the process by extracting a paper’s citations and checking them against various creditable databases and online archives, allowing for the rapid detection of fabricated references. Dubbed Hallucinator, the application does not, itself, utilize machine learning; rather than analyzing or generating, it merely automates the one-to-one mapping of data between sources (allowing for a small margin of error, in case of typos or misspellings in an otherwise genuine citation).
While Hallucinator can’t replace human judgement altogether when it comes to checking citations, it helps to narrow down the task considerably, leaving a reviewer to go over only the citations it flags as potentially suspicious. It’s both faster and more resource-conscious than using an AI agent for the same task would be. Of course, Stringhini did produce the original version via “vibe-coding” with an AI agent. When asked if there’s some irony there, he shrugs and agrees that there is. “At the same time, I wouldn’t have had time to develop that without the help of AI.”
As open-source software, the tool has gone through a number of iterations with the help of community testing and tweaking, and can now analyze thousands of references “in a matter of minutes,” according to Stringhini. It’s available in Windows, Mac, and Linux versions, and supports 13 different sources, including databases for scholarship in computer science and medicine, and even United States legislation. Further expansion is likely, as this issue extends to every corner of the scholarly community. University library systems and funding agencies have reached out to express interest in adopting a version of Hallucinator to help them check their own materials and proposals, and Stringhini continues to polish and refine on his end.
The proverbial iceberg
Effective as Hallucinator is, Stringhini warns that fabricated citations are “just a symptom we can measure” when it comes to the larger challenge AI poses for academic publishing, and indeed, the quality of future research and technological advancement. These tools aren’t going anywhere, anytime soon, and it will be necessary to continue adapting and developing new methods to make them work for the production of innovation and factual knowledge … not just plausible fictions.
Gianluca Stringhini’s research is centered on system security and combating a broad spectrum of digital harm, from cyberbullying to malware to internet-based scams. His work has been supported by the NSF, Google, and the Red Hat Collaboratory. He is the recipient of several Best/Distinguished Paper Awards, among other accolades, and has been featured in reporting by the BBC, the New York Times, and other major outlets.
