VLM-Guard: Safeguarding Vision-Language Models via Fulfilling Safety Alignment Gap

TL;DR

VLM-Guard introduces an inference-time method to improve safety in vision-language models by aligning their representations with the safety standards of underlying language models, addressing the modality gap issue.

Contribution

It proposes VLM-Guard, a novel inference-time intervention that enhances safety alignment in VLMs by leveraging LLM safety guidance to mitigate modality gap vulnerabilities.

Findings

VLM-Guard effectively reduces unsafe responses in VLMs.

The method improves safety alignment between VLMs and their LLM components.

Experimental results demonstrate robustness across three malicious instruction scenarios.

Abstract

The emergence of vision language models (VLMs) comes with increased safety concerns, as the incorporation of multiple modalities heightens vulnerability to attacks. Although VLMs can be built upon LLMs that have textual safety alignment, it is easily undermined when the vision modality is integrated. We attribute this safety challenge to the modality gap, a separation of image and text in the shared representation space, which blurs the distinction between harmful and harmless queries that is evident in LLMs but weakened in VLMs. To avoid safety decay and fulfill the safety alignment gap, we propose VLM-Guard, an inference-time intervention strategy that leverages the LLM component of a VLM as supervision for the safety alignment of the VLM. VLM-Guard projects the representations of VLM into the subspace that is orthogonal to the safety steering direction that is extracted from the safety-aligned LLM. Experimental results on three malicious instruction settings show the effectiveness of VLM-Guard in safeguarding VLM and fulfilling the safety alignment gap between VLM and its LLM component.