The Security Threat of Compressed Projectors in Large Vision-Language Models

TL;DR

This paper investigates the security vulnerabilities of compressed versus uncompressed visual language projectors in large vision-language models, revealing that compressed projectors are significantly more vulnerable to adversarial attacks.

Contribution

It provides the first comprehensive security comparison between compressed and uncompressed projectors in LVLMs, highlighting the robustness of uncompressed projectors.

Findings

Compressed projectors have significant vulnerabilities to adversarial attacks.

Uncompressed projectors demonstrate robust security properties.

Guidance for selecting secure visual language projectors.

Abstract

The choice of a suitable visual language projector (VLP) is critical to the successful training of large visual language models (LVLMs). Mainstream VLPs can be broadly categorized into compressed and uncompressed projectors, and each offers distinct advantages in performance and computational efficiency. However, their security implications have not been thoroughly examined. Our comprehensive evaluation reveals significant differences in their security profiles: compressed projectors exhibit substantial vulnerabilities, allowing adversaries to successfully compromise LVLMs even with minimal knowledge of structure information. In stark contrast, uncompressed projectors demonstrate robust security properties and do not introduce additional vulnerabilities. These findings provide critical guidance for researchers in selecting optimal VLPs that enhance the security and reliability of visual language models. The code is available at https://github.com/btzyd/TCP.