AI Safety in Practice: Enhancing Adversarial Robustness in Multimodal Image Captioning

TL;DR

This paper proposes a method to improve the adversarial robustness of multimodal image captioning models by using FGSM-based adversarial training, focusing on the text decoder for efficiency and effectiveness.

Contribution

It introduces a targeted adversarial training approach that enhances robustness while reducing computational costs in multimodal image captioning models.

Findings

Selective training of the text decoder achieves robustness comparable to full adversarial training.

The proposed method improves model robustness on Flickr8k and COCO datasets.

Targeted adversarial training offers a cost-effective way to enhance safety in multimodal AI.

Abstract

Multimodal machine learning models that combine visual and textual data are increasingly being deployed in critical applications, raising significant safety and security concerns due to their vulnerability to adversarial attacks. This paper presents an effective strategy to enhance the robustness of multimodal image captioning models against such attacks. By leveraging the Fast Gradient Sign Method (FGSM) to generate adversarial examples and incorporating adversarial training techniques, we demonstrate improved model robustness on two benchmark datasets: Flickr8k and COCO. Our findings indicate that selectively training only the text decoder of the multimodal architecture shows performance comparable to full adversarial training while offering increased computational efficiency. This targeted approach suggests a balance between robustness and training costs, facilitating the ethical deployment of multimodal AI systems across various domains.