MLLM-Protector: Ensuring MLLM's Safety without Hurting Performance
Renjie Pi, Tianyang Han, Jianshu Zhang, Yueqi Xie, Rui Pan, Qing Lian,, Hanze Dong, Jipeng Zhang, Tong Zhang
TL;DR
This paper introduces MLLM-Protector, a strategy to defend multimodal large language models from malicious visual input attacks, ensuring safety without sacrificing model performance.
Contribution
It proposes a novel plug-and-play method with harm detection and response detoxification to enhance MLLM security against visual attacks.
Findings
Effective mitigation of malicious visual input risks
Maintains original MLLM performance
Robust defense demonstrated in experiments
Abstract
The deployment of multimodal large language models (MLLMs) has brought forth a unique vulnerability: susceptibility to malicious attacks through visual inputs. This paper investigates the novel challenge of defending MLLMs against such attacks. Compared to large language models (LLMs), MLLMs include an additional image modality. We discover that images act as a ``foreign language" that is not considered during safety alignment, making MLLMs more prone to producing harmful responses. Unfortunately, unlike the discrete tokens considered in text-based LLMs, the continuous nature of image signals presents significant alignment challenges, which poses difficulty to thoroughly cover all possible scenarios. This vulnerability is exacerbated by the fact that most state-of-the-art MLLMs are fine-tuned on limited image-text pairs that are much fewer than the extensive text-based pretraining…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
Taxonomy
TopicsNatural Language Processing Techniques · Interpreting and Communication in Healthcare · Multimodal Machine Learning Applications