Papers

Topics

Authors

Recent

View all

Assistant

AI Research Assistant

Well-researched responses based on relevant abstracts and paper content.

Custom Instructions Pro

Preferences or requirements that you'd like Emergent Mind to consider when generating responses.

Gemini 2.5 Flash

Gemini 2.5 Flash 73 tok/s

Gemini 2.5 Pro 39 tok/s Pro

GPT-5 Medium 27 tok/s Pro

GPT-5 High 19 tok/s Pro

GPT-4o 115 tok/s Pro

Kimi K2 226 tok/s Pro

GPT OSS 120B 461 tok/s Pro

Claude Sonnet 4 38 tok/s Pro

2000 character limit reached

Empirical Analysis of Large Vision-Language Models against Goal Hijacking via Visual Prompt Injection (2408.03554v1)

Published 7 Aug 2024 in cs.CL, cs.CR, and cs.LG

Abstract: We explore visual prompt injection (VPI) that maliciously exploits the ability of large vision-LLMs (LVLMs) to follow instructions drawn onto the input image. We propose a new VPI method, "goal hijacking via visual prompt injection" (GHVPI), that swaps the execution task of LVLMs from an original task to an alternative task designated by an attacker. The quantitative analysis indicates that GPT-4V is vulnerable to the GHVPI and demonstrates a notable attack success rate of 15.8%, which is an unignorable security risk. Our analysis also shows that successful GHVPI requires high character recognition capability and instruction-following ability in LVLMs.

Citations (1)

View on Semantic Scholar