{"id":"https://openalex.org/W7129595291","doi":"https://doi.org/10.48550/arxiv.2602.13293","title":"NutVLM: A Self-Adaptive Defense Framework against Full-Dimension Attacks for Vision Language Models in Autonomous Driving","display_name":"NutVLM: A Self-Adaptive Defense Framework against Full-Dimension Attacks for Vision Language Models in Autonomous Driving","publication_year":2026,"publication_date":"2026-02-09","ids":{"openalex":"https://openalex.org/W7129595291","doi":"https://doi.org/10.48550/arxiv.2602.13293"},"language":null,"primary_location":{"id":"pmh:doi:10.48550/arxiv.2602.13293","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":null,"any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063261470","display_name":"Xiaoxu Peng","orcid":"https://orcid.org/0000-0003-1488-6968"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Peng, Xiaoxu","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126180357","display_name":"Dong Zhou","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhou, Dong","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126243485","display_name":"Jianwen Zhang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhang, Jianwen","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051234799","display_name":"Guanghui Sun","orcid":"https://orcid.org/0000-0003-1623-2220"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sun, Guanghui","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126229899","display_name":"Anh Tu Ngo","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ngo, Anh Tu","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5126231881","display_name":"Anupam Chattopadhyay","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Chattopadhyay, Anupam","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5063261470"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9865000247955322,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9865000247955322,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10036","display_name":"Advanced Neural Network Applications","score":0.0024999999441206455,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11714","display_name":"Multimodal Machine Learning Applications","score":0.0017000000225380063,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7455000281333923},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.6110000014305115},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5742999911308289},{"id":"https://openalex.org/keywords/perception","display_name":"Perception","score":0.49480000138282776},{"id":"https://openalex.org/keywords/language-model","display_name":"Language model","score":0.4542999863624573},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.38609999418258667}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7455000281333923},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6966000199317932},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.6110000014305115},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5742999911308289},{"id":"https://openalex.org/C26760741","wikidata":"https://www.wikidata.org/wiki/Q160402","display_name":"Perception","level":2,"score":0.49480000138282776},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4740999937057495},{"id":"https://openalex.org/C137293760","wikidata":"https://www.wikidata.org/wiki/Q3621696","display_name":"Language model","level":2,"score":0.4542999863624573},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4311000108718872},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.38609999418258667},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.37470000982284546},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.3440000116825104},{"id":"https://openalex.org/C100776233","wikidata":"https://www.wikidata.org/wiki/Q2532492","display_name":"Bridge (graph theory)","level":2,"score":0.3314000070095062},{"id":"https://openalex.org/C204323151","wikidata":"https://www.wikidata.org/wiki/Q905424","display_name":"Range (aeronautics)","level":2,"score":0.3212999999523163},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.28630000352859497},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.28619998693466187},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.27070000767707825}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:doi:10.48550/arxiv.2602.13293","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},{"id":"doi:10.48550/arxiv.2602.13293","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2602.13293","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:doi:10.48550/arxiv.2602.13293","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Vision":[0],"Language":[1,156],"Models":[2],"(VLMs)":[3],"have":[4],"advanced":[5],"perception":[6],"in":[7,151],"autonomous":[8],"driving":[9,120],"(AD),":[10],"but":[11],"they":[12],"remain":[13,34],"vulnerable":[14],"to":[15,25,39,58],"adversarial":[16],"threats.":[17],"These":[18,129,161],"risks":[19],"range":[20],"from":[21],"localized":[22,91],"physical":[23],"patches":[24],"imperceptible":[26],"global":[27,85,100],"perturbations.":[28],"Existing":[29],"defense":[30,55],"methods":[31],"for":[32,170],"VLMs":[33],"limited":[35],"and":[36,84,126,158],"often":[37],"fail":[38],"reconcile":[40],"robustness":[41],"with":[42],"clean-sample":[43],"performance.":[44],"To":[45],"bridge":[46],"these":[47],"gaps,":[48],"we":[49,65],"propose":[50],"NutVLM,":[51],"a":[52,70,74,148,166],"comprehensive":[53],"self-adaptive":[54],"framework":[56],"designed":[57],"secure":[59],"the":[60,110,132,142],"entire":[61],"perception-decision":[62],"lifecycle.":[63],"Specifically,":[64],"first":[66],"employ":[67],"NutNet++":[68],"as":[69,165],"sentinel,":[71],"which":[72],"is":[73,175],"unified":[75],"detection-purification":[76],"mechanism.":[77],"It":[78],"identifies":[79],"benign":[80],"samples,":[81],"local":[82],"patches,":[83],"perturbations":[86,101],"through":[87],"three-way":[88],"classification.":[89],"Subsequently,":[90],"threats":[92],"are":[93],"purified":[94],"via":[95,122],"efficient":[96],"grayscale":[97],"masking,":[98],"while":[99],"trigger":[102],"Expert-guided":[103],"Adversarial":[104],"Prompt":[105],"Tuning":[106],"(EAPT).":[107],"Instead":[108],"of":[109,114],"costly":[111],"parameter":[112],"updates":[113],"full-model":[115,138],"fine-tuning,":[116],"EAPT":[117],"generates":[118],"\"corrective":[119],"prompts\"":[121],"gradient-based":[123],"latent":[124],"optimization":[125],"discrete":[127],"projection.":[128],"prompts":[130],"refocus":[131],"VLM's":[133],"attention":[134],"without":[135],"requiring":[136],"exhaustive":[137],"retraining.":[139],"Evaluated":[140],"on":[141],"Dolphins":[143],"benchmark,":[144],"our":[145],"NutVLM":[146,164],"yields":[147],"4.89%":[149],"improvement":[150],"overall":[152],"metrics":[153],"(e.g.,":[154],"Accuracy,":[155],"Score,":[157],"GPT":[159],"Score).":[160],"results":[162],"validate":[163],"scalable":[167],"security":[168],"solution":[169],"intelligent":[171],"transportation.":[172],"Our":[173],"code":[174],"available":[176],"at":[177],"https://github.com/PXX/NutVLM.":[178]},"counts_by_year":[],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2026-02-18T00:00:00"}