Papers

Topics

Authors

Recent

View all

Detailed Answer

Quick Answer

Concise responses based on abstracts only

Detailed Answer

Well-researched responses based on abstracts and relevant paper content.

Custom Instructions Pro

Preferences or requirements that you'd like Emergent Mind to consider when generating responses

Gemini 2.5 Flash

Gemini 2.5 Flash 39 tok/s

Gemini 2.5 Pro 49 tok/s Pro

GPT-5 Medium 12 tok/s Pro

GPT-5 High 18 tok/s Pro

GPT-4o 91 tok/s Pro

Kimi K2 191 tok/s Pro

GPT OSS 120B 456 tok/s Pro

Claude Sonnet 4 37 tok/s Pro

2000 character limit reached

Images are Achilles' Heel of Alignment: Exploiting Visual Vulnerabilities for Jailbreaking Multimodal Large Language Models (2403.09792v3)

Published 14 Mar 2024 in cs.CV and cs.CL

Abstract: In this paper, we study the harmlessness alignment problem of multimodal LLMs (MLLMs). We conduct a systematic empirical analysis of the harmlessness performance of representative MLLMs and reveal that the image input poses the alignment vulnerability of MLLMs. Inspired by this, we propose a novel jailbreak method named HADES, which hides and amplifies the harmfulness of the malicious intent within the text input, using meticulously crafted images. Experimental results show that HADES can effectively jailbreak existing MLLMs, which achieves an average Attack Success Rate (ASR) of 90.26% for LLaVA-1.5 and 71.60% for Gemini Pro Vision. Our code and data are available at https://github.com/RUCAIBox/HADES.

References (1)