FMM-Attack: A Flow-based Multi-modal Adversarial Attack on Video-based LLMs

The content introduces FMM-Attack, the first adversarial attack tailored for video-based LLMs. It crafts imperceptible perturbations on video frames to induce incorrect answers and garbling in model output. Extensive experiments demonstrate effectiveness and safety-related feature alignment importance.

1. Introduction

   • Large multi-modal models vulnerable to attacks.
   • Video-based LLMs enhance video understanding but lack robustness.

2. Methodology

   • Threat model includes imperceptible perturbations for incorrect responses.
   • Flow-based temporal mask selects effective frames for attack.

3. Experiments

   • Quantitative evaluation shows FMM-Attack's effectiveness.
   • Qualitative examples illustrate garbled responses induced by the attack.

4. Discussions

   • Importance of flow-based masks in precise video manipulation.
   • Garbling effect observed in model outputs due to FMM-Attack.

5. Conclusion

   • FMM-Attack disrupts video-based LLMs effectively with minimal perturbations.
   • Insights into cross-modal feature attacks contribute to understanding multi-modal robustness.