{"id":"https://openalex.org/W7138400626","doi":"https://doi.org/10.1609/aaai.v40i33.40054","title":"Vulnerability-Aware Robust Multimodal Adversarial Training","display_name":"Vulnerability-Aware Robust Multimodal Adversarial Training","publication_year":2026,"publication_date":"2026-03-14","ids":{"openalex":"https://openalex.org/W7138400626","doi":"https://doi.org/10.1609/aaai.v40i33.40054"},"language":null,"primary_location":{"id":"doi:10.1609/aaai.v40i33.40054","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i33.40054","pdf_url":null,"source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.1609/aaai.v40i33.40054","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5129683807","display_name":"Junrui Zhang","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Junrui Zhang","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129651056","display_name":"Xinyu Zhao","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xinyu Zhao","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129677446","display_name":"Jie Peng","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jie Peng","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129673250","display_name":"Chenjie Wang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Chenjie Wang","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5098821261","display_name":"Jianmin Ji","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jianmin Ji","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5129694069","display_name":"Tianlong Chen","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Tianlong Chen","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5129683807"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.61744248,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"40","issue":"33","first_page":"28265","last_page":"28273"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9943000078201294,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9943000078201294,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12262","display_name":"Hate Speech and Cyberbullying Detection","score":0.000699999975040555,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11307","display_name":"Domain Adaptation and Few-Shot Learning","score":0.00039999998989515007,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7975000143051147},{"id":"https://openalex.org/keywords/modalities","display_name":"Modalities","score":0.7817000150680542},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.7218000292778015},{"id":"https://openalex.org/keywords/multimodal-learning","display_name":"Multimodal learning","score":0.4262999892234802},{"id":"https://openalex.org/keywords/training-set","display_name":"Training set","score":0.3799999952316284},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.3702999949455261}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7975000143051147},{"id":"https://openalex.org/C2779903281","wikidata":"https://www.wikidata.org/wiki/Q6888026","display_name":"Modalities","level":2,"score":0.7817000150680542},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.7218000292778015},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7166000008583069},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6373999714851379},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6355999708175659},{"id":"https://openalex.org/C2780660688","wikidata":"https://www.wikidata.org/wiki/Q25052564","display_name":"Multimodal learning","level":2,"score":0.4262999892234802},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.3799999952316284},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.3702999949455261},{"id":"https://openalex.org/C185874996","wikidata":"https://www.wikidata.org/wiki/Q269699","display_name":"Interdependence","level":2,"score":0.35249999165534973},{"id":"https://openalex.org/C2776135515","wikidata":"https://www.wikidata.org/wiki/Q17143721","display_name":"Regularization (linguistics)","level":2,"score":0.34769999980926514},{"id":"https://openalex.org/C175154964","wikidata":"https://www.wikidata.org/wiki/Q380077","display_name":"Task analysis","level":3,"score":0.3109000027179718},{"id":"https://openalex.org/C2780910867","wikidata":"https://www.wikidata.org/wiki/Q1952416","display_name":"Multimodality","level":2,"score":0.3100000023841858},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.29840001463890076},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.2799000144004822}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1609/aaai.v40i33.40054","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i33.40054","pdf_url":null,"source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1609/aaai.v40i33.40054","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i33.40054","pdf_url":null,"source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Reduced inequalities","id":"https://metadata.un.org/sdg/10","score":0.576076865196228},{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.4536273777484894}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Multimodal":[0,73],"learning":[1,130],"has":[2],"shown":[3],"significant":[4,165],"superiority":[5],"on":[6,31,33,159],"various":[7],"tasks":[8],"by":[9,86],"integrating":[10],"multiple":[11,145],"modalities.":[12,40,150],"However,":[13],"the":[14,19,50,88,100,111,138],"interdependencies":[15],"among":[16],"modalities":[17,35,53,124],"increase":[18],"susceptibility":[20],"of":[21,90,102,110,141],"multimodal":[22,84,146,161,169],"models":[23],"to":[24,57],"adversarial":[25,79,170],"attacks.":[26],"Existing":[27],"methods":[28],"mainly":[29],"focus":[30],"attacks":[32],"specific":[34],"or":[36],"indiscriminately":[37],"attack":[38,112],"all":[39],"In":[41],"this":[42,67],"paper,":[43],"we":[44,69,116,152],"find":[45],"that":[46,82,122],"these":[47],"approaches":[48],"ignore":[49],"differences":[51],"between":[52],"in":[54,61,106,168],"their":[55],"contribution":[56],"final":[58],"robustness,":[59],"resulting":[60],"suboptimal":[62],"robustness":[63,85,140,157],"performance.":[64],"To":[65,93],"bridge":[66],"gap,":[68],"introduce":[70],"Vulnerability-Aware":[71],"Robust":[72],"Adversarial":[74],"Training":[75],"(VARMAT),":[76],"a":[77,107,118,164],"probe-in-training":[78],"training":[80],"method":[81,143],"improves":[83],"identifying":[87],"vulnerability":[89,101],"each":[91,103],"modality.":[92],"be":[94],"specific,":[95],"VARMAT":[96],"first":[97],"explicitly":[98],"quantifies":[99],"modality,":[104],"grounded":[105],"first-order":[108],"approximation":[109],"objective":[113],"(Probe).":[114],"Then,":[115],"propose":[117],"targeted":[119],"regularization":[120],"term":[121],"penalizes":[123],"with":[125],"high":[126],"vulnerability,":[127],"guiding":[128],"robust":[129],"while":[131],"maintaining":[132],"task":[133],"accuracy":[134],"(Training).":[135],"We":[136],"demonstrate":[137],"enhanced":[139],"our":[142],"across":[144],"datasets":[147],"involving":[148],"diverse":[149],"Finally,":[151],"achieve":[153],"{12.73%,":[154],"22.21%,":[155],"11.19%}":[156],"improvement":[158],"three":[160],"datasets,":[162],"revealing":[163],"blind":[166],"spot":[167],"training.":[171]},"counts_by_year":[],"updated_date":"2026-03-18T06:31:55.123368","created_date":"2026-03-18T00:00:00"}