{"id":"https://openalex.org/W4406461391","doi":"https://doi.org/10.1109/bigdata62323.2024.10825099","title":"Securing Vision-Language Models with a Robust Encoder Against Jailbreak and Adversarial Attacks","display_name":"Securing Vision-Language Models with a Robust Encoder Against Jailbreak and Adversarial Attacks","publication_year":2024,"publication_date":"2024-12-15","ids":{"openalex":"https://openalex.org/W4406461391","doi":"https://doi.org/10.1109/bigdata62323.2024.10825099"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata62323.2024.10825099","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata62323.2024.10825099","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Big Data (BigData)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071571852","display_name":"Md Zarif Hossain","orcid":null},"institutions":[{"id":"https://openalex.org/I110378019","display_name":"Southern Illinois University Carbondale","ror":"https://ror.org/049kefs16","country_code":"US","type":"education","lineage":["https://openalex.org/I110378019","https://openalex.org/I2801502357"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Md Zarif Hossain","raw_affiliation_strings":["Southern Illinois University,School of Computing,Carbondale,IL,USA"],"affiliations":[{"raw_affiliation_string":"Southern Illinois University,School of Computing,Carbondale,IL,USA","institution_ids":["https://openalex.org/I110378019"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5077711449","display_name":"Ahmed Imteaj","orcid":"https://orcid.org/0000-0002-6975-3997"},"institutions":[{"id":"https://openalex.org/I110378019","display_name":"Southern Illinois University Carbondale","ror":"https://ror.org/049kefs16","country_code":"US","type":"education","lineage":["https://openalex.org/I110378019","https://openalex.org/I2801502357"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ahmed Imteaj","raw_affiliation_strings":["Southern Illinois University,School of Computing,Carbondale,IL,USA"],"affiliations":[{"raw_affiliation_string":"Southern Illinois University,School of Computing,Carbondale,IL,USA","institution_ids":["https://openalex.org/I110378019"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5071571852"],"corresponding_institution_ids":["https://openalex.org/I110378019"],"apc_list":null,"apc_paid":null,"fwci":1.366,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.85256513,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"6250","last_page":"6259"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11714","display_name":"Multimodal Machine Learning Applications","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10036","display_name":"Advanced Neural Network Applications","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8406985998153687},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7372841238975525},{"id":"https://openalex.org/keywords/encoder","display_name":"Encoder","score":0.6171659231185913},{"id":"https://openalex.org/keywords/computer-vision","display_name":"Computer vision","score":0.5560561418533325},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5001661777496338},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4566132724285126},{"id":"https://openalex.org/keywords/speech-recognition","display_name":"Speech recognition","score":0.33183997869491577}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8406985998153687},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7372841238975525},{"id":"https://openalex.org/C118505674","wikidata":"https://www.wikidata.org/wiki/Q42586063","display_name":"Encoder","level":2,"score":0.6171659231185913},{"id":"https://openalex.org/C31972630","wikidata":"https://www.wikidata.org/wiki/Q844240","display_name":"Computer vision","level":1,"score":0.5560561418533325},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5001661777496338},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4566132724285126},{"id":"https://openalex.org/C28490314","wikidata":"https://www.wikidata.org/wiki/Q189436","display_name":"Speech recognition","level":1,"score":0.33183997869491577},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata62323.2024.10825099","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata62323.2024.10825099","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Big Data (BigData)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.6600000262260437,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":90,"referenced_works":["https://openalex.org/W1861492603","https://openalex.org/W1956340063","https://openalex.org/W2064675550","https://openalex.org/W2108598243","https://openalex.org/W2250384498","https://openalex.org/W2277195237","https://openalex.org/W2919115771","https://openalex.org/W2947312908","https://openalex.org/W3097455551","https://openalex.org/W3100355250","https://openalex.org/W3171007011","https://openalex.org/W3217234915","https://openalex.org/W4221143046","https://openalex.org/W4224308101","https://openalex.org/W4225323055","https://openalex.org/W4226278401","https://openalex.org/W4280605483","https://openalex.org/W4292779060","https://openalex.org/W4293846201","https://openalex.org/W4296413526","https://openalex.org/W4309395891","https://openalex.org/W4311991106","https://openalex.org/W4312846625","https://openalex.org/W4312933868","https://openalex.org/W4366330503","https://openalex.org/W4366850747","https://openalex.org/W4372283945","https://openalex.org/W4376312115","https://openalex.org/W4378718229","https://openalex.org/W4383473937","https://openalex.org/W4383993628","https://openalex.org/W4384918448","https://openalex.org/W4385374425","https://openalex.org/W4387891897","https://openalex.org/W4387967929","https://openalex.org/W4388585701","https://openalex.org/W4389217677","https://openalex.org/W4389820298","https://openalex.org/W4389983836","https://openalex.org/W4391590851","https://openalex.org/W4391590954","https://openalex.org/W4391632220","https://openalex.org/W4391724817","https://openalex.org/W4391988308","https://openalex.org/W4393157467","https://openalex.org/W4399425071","https://openalex.org/W4401306765","https://openalex.org/W4402218653","https://openalex.org/W4402727764","https://openalex.org/W4404725774","https://openalex.org/W4404971291","https://openalex.org/W4406072530","https://openalex.org/W6739868092","https://openalex.org/W6774314701","https://openalex.org/W6774469542","https://openalex.org/W6778883912","https://openalex.org/W6785039685","https://openalex.org/W6791353385","https://openalex.org/W6803435029","https://openalex.org/W6809646742","https://openalex.org/W6810081322","https://openalex.org/W6810334672","https://openalex.org/W6810738896","https://openalex.org/W6811013733","https://openalex.org/W6838695150","https://openalex.org/W6842722019","https://openalex.org/W6846870107","https://openalex.org/W6847753483","https://openalex.org/W6851592950","https://openalex.org/W6851950068","https://openalex.org/W6852898014","https://openalex.org/W6853116092","https://openalex.org/W6853255756","https://openalex.org/W6853601813","https://openalex.org/W6854866820","https://openalex.org/W6854948896","https://openalex.org/W6855469472","https://openalex.org/W6855647339","https://openalex.org/W6857621569","https://openalex.org/W6858504461","https://openalex.org/W6858706166","https://openalex.org/W6859288547","https://openalex.org/W6861285878","https://openalex.org/W6861291810","https://openalex.org/W6861352133","https://openalex.org/W6861704467","https://openalex.org/W6863024352","https://openalex.org/W6868811105","https://openalex.org/W6870968228","https://openalex.org/W6875800845"],"related_works":["https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4297672492","https://openalex.org/W4310988119","https://openalex.org/W4285226279","https://openalex.org/W4288019534"],"abstract_inverted_index":{"Large":[0],"Vision-Language":[1],"Models":[2],"(LVLMs),":[3],"trained":[4],"on":[5],"multimodal":[6],"big":[7],"datasets,":[8,159],"have":[9],"significantly":[10],"advanced":[11],"AI":[12],"by":[13,59,77],"excelling":[14],"in":[15],"vision-language":[16],"tasks.":[17],"However,":[18],"these":[19],"models":[20],"remain":[21],"vulnerable":[22],"to":[23,37,123],"adversarial":[24,95,137,187],"attacks,":[25,28],"particularly":[26],"jailbreak":[27,141,149,190],"which":[29],"bypass":[30],"safety":[31],"protocols":[32],"and":[33,53,89,126,139,152,165,189],"cause":[34],"the":[35,48,54,60,73,124],"model":[36],"generate":[38],"misleading":[39],"or":[40],"harmful":[41],"responses.":[42],"This":[43,82],"vulnerability":[44],"stems":[45],"from":[46],"both":[47,135,185],"inherent":[49],"susceptibilities":[50],"of":[51],"LLMs":[52],"expanded":[55],"attack":[56,150],"surface":[57],"introduced":[58],"visual":[61,168],"modality.":[62],"We":[63,143],"propose":[64],"SimCLIP+,":[65],"a":[66,79,99,110],"novel":[67],"defense":[68],"mechanism":[69],"that":[70,174],"adversarially":[71],"fine-tunes":[72],"CLIP":[74],"vision":[75,112],"encoder":[76],"leveraging":[78],"Siamese":[80],"architecture.":[81],"approach":[83],"maximizes":[84],"cosine":[85],"similarity":[86],"between":[87],"perturbed":[88],"clean":[90,154,178],"samples,":[91],"facilitating":[92],"resilience":[93],"against":[94,134,146,184],"manipulations.":[96],"Sim-CLIP+":[97,131,145,175],"offers":[98],"plug-and-play":[100],"solution,":[101],"allowing":[102],"seamless":[103],"integration":[104],"into":[105],"existing":[106],"LVLM":[107,125],"architectures":[108],"as":[109],"robust":[111],"encoder.":[113],"Unlike":[114],"previous":[115],"defenses,":[116],"our":[117],"method":[118],"requires":[119],"no":[120],"structural":[121],"modifications":[122],"incurs":[127],"minimal":[128],"computational":[129],"overhead.":[130],"demonstrates":[132],"effectiveness":[133],"gradient-based":[136,186],"attacks":[138,188],"various":[140],"techniques.":[142,191],"evaluate":[144],"three":[147],"distinct":[148],"strategies":[151],"perform":[153],"evaluations":[155],"using":[156],"standard":[157],"downstream":[158],"including":[160],"COCO":[161],"for":[162,167],"image":[163],"captioning":[164],"OKVQA":[166],"question":[169],"answering.":[170],"Extensive":[171],"experiments":[172],"demonstrate":[173],"maintains":[176],"high":[177],"accuracy":[179],"while":[180],"substantially":[181],"improving":[182],"robustness":[183]},"counts_by_year":[{"year":2025,"cited_by_count":4}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}