{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T16:53:42Z","timestamp":1775667222026,"version":"3.50.1"},"reference-count":61,"publisher":"IEEE","license":[{"start":{"date-parts":[[2024,12,15]],"date-time":"2024-12-15T00:00:00Z","timestamp":1734220800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,12,15]],"date-time":"2024-12-15T00:00:00Z","timestamp":1734220800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,12,15]]},"DOI":"10.1109\/bigdata62323.2024.10825099","type":"proceedings-article","created":{"date-parts":[[2025,1,16]],"date-time":"2025-01-16T18:31:23Z","timestamp":1737052283000},"page":"6250-6259","source":"Crossref","is-referenced-by-count":4,"title":["Securing Vision-Language Models with a Robust Encoder Against Jailbreak and Adversarial Attacks"],"prefix":"10.1109","author":[{"given":"Md Zarif","family":"Hossain","sequence":"first","affiliation":[{"name":"Southern Illinois University,School of Computing,Carbondale,IL,USA"}]},{"given":"Ahmed","family":"Imteaj","sequence":"additional","affiliation":[{"name":"Southern Illinois University,School of Computing,Carbondale,IL,USA"}]}],"member":"263","reference":[{"key":"ref1","article-title":"Gpt-4 technical report","author":"Achiam","year":"2023"},{"key":"ref2","article-title":"Llama 2: Open foundation and fine-tuned chat models","author":"Touvron","year":"2023"},{"key":"ref3","article-title":"Visual instruction tuning","volume":"36","author":"Liu","year":"2024","journal-title":"Advances in neural information processing systems"},{"key":"ref4","first-page":"23716","article-title":"Flamingo: a visual language model for few-shot learning","volume":"35","author":"Alayrac","year":"2022","journal-title":"Advances in neural information processing systems"},{"key":"ref5","article-title":"Minigpt-4: Enhancing vision-language understanding with advanced large language models","author":"Zhu","year":"2023"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-10602-1_48"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-20074-8_9"},{"key":"ref8","article-title":"Instructblip: Towards general-purpose vision-language models with instruction tuning","author":"Dai","year":"2023"},{"key":"ref9","article-title":"Constitutional ai: Harmlessness from ai feedback","author":"Bai","year":"2022"},{"key":"ref10","article-title":"Red teaming language models to reduce harms: Methods, scaling behaviors, and lessons learned","author":"Ganguli","year":"2022"},{"key":"ref11","article-title":"An llm can fool itself: A prompt-based adversarial attack","author":"Xu","year":"2023"},{"key":"ref12","article-title":"Ignore previous prompt: Attack techniques for language models","author":"Perez","year":"2022"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCSW63686.2024.00009"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/DSC61021.2023.10354149"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2024.24188"},{"key":"ref16","article-title":"Jailbroken: How does llm safety training fail?","volume":"36","author":"Wei","year":"2024","journal-title":"Advances in Neural Information Processing Systems"},{"key":"ref17","first-page":"3677","article-title":"On the adversarial robustness of multimodal foundation models","volume-title":"Proceedings of the IEEE\/CVF International Conference on Computer Vision","author":"Schlarmann"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v38i19.30150"},{"key":"ref19","article-title":"Jailbreaking attack against multimodal large language model","author":"Niu","year":"2024"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-73464-9_11"},{"key":"ref21","article-title":"A mutation-based method for multi-modal jailbreaking attack detection","author":"Zhang","year":"2023"},{"key":"ref22","article-title":"Defending jailbreak attack in vlms via cross-modality information detector","author":"Xu","year":"2024"},{"key":"ref23","article-title":"Towards deep learning models resistant to adversarial attacks","author":"Madry","year":"2017"},{"key":"ref24","article-title":"Language models are few-shot learners","author":"Brown","year":"2020"},{"issue":"3","key":"ref25","first-page":"6","volume-title":"Vicuna: An open-source chatbot impressing gpt-4 with 90%* chatgpt quality","volume":"2","author":"Chiang","year":"2023"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2812802"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2009.5206848"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/s11263-016-0981-7"},{"key":"ref29","first-page":"24824","article-title":"Chain-of-thought prompting elicits reasoning in large language models","volume":"35","author":"Wei","year":"2022","journal-title":"Advances in neural information processing systems"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1038\/nature14539"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1162\/neco.1997.9.8.1735"},{"issue":"8","key":"ref32","first-page":"9","article-title":"Language models are unsupervised multitask learners","volume":"1","author":"Radford","year":"2019","journal-title":"OpenAI blog"},{"issue":"240","key":"ref33","first-page":"1","article-title":"Palm: Scaling language modeling with pathways","volume":"24","author":"Chowdhery","year":"2023","journal-title":"Journal of Machine Learning Research"},{"key":"ref34","first-page":"8748","article-title":"Learning transferable visual models from natural language supervision","volume-title":"International conference on machine learning","author":"Radford"},{"key":"ref35","first-page":"12888","article-title":"Blip: Bootstrapping language-image pre-training for unified vision-language understanding and generation","volume-title":"International conference on machine learning","author":"Li"},{"key":"ref36","first-page":"27730","article-title":"Training language models to follow instructions with human feedback","volume":"35","author":"Ouyang","year":"2022","journal-title":"Advances in neural information processing systems"},{"key":"ref37","article-title":"Principle-driven self-alignment of language models from scratch with minimal human supervision","volume":"36","author":"Sun","year":"2024","journal-title":"Advances in Neural Information Processing Systems"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/3581783.3612454"},{"key":"ref39","article-title":"On evaluating adversarial robustness of large vision-language models","volume":"36","author":"Zhao","year":"2024","journal-title":"Advances in Neural Information Processing Systems"},{"key":"ref40","first-page":"2206","article-title":"Reliable evaluation of adversarial robustness with an ensemble of diverse parameter-free attacks","volume-title":"International conference on machine learning","author":"Croce"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR52688.2022.01042"},{"key":"ref42","article-title":"Figstep: Jailbreaking large vision-language models via typographic visual prompts","author":"Gong","year":"2023"},{"key":"ref43","article-title":"Query-relevant images jailbreak large multi-modal models","author":"Liu","year":"2023"},{"key":"ref44","article-title":"Safety fine-tuning at (almost) no cost: A baseline for vision large language models","author":"Zong","year":"2024"},{"key":"ref45","article-title":"Harmbench: A standardized evaluation framework for automated red teaming and robust refusal","author":"Mazeika","year":"2024"},{"key":"ref46","article-title":"Cross-modal safety alignment: Is textual unlearning all you need?","author":"Chakraborty","year":"2024"},{"key":"ref47","article-title":"Adashield: Safeguarding multimodal large language models from structure-based attack via adaptive shield prompting","author":"Wang","year":"2024"},{"key":"ref48","article-title":"Sim-clip: Unsupervised siamese adversarial fine-tuning for robust and semantically-rich vision-language models","author":"Hossain","year":"2024"},{"key":"ref49","first-page":"1597","article-title":"A simple framework for contrastive learning of visual representations","volume-title":"International conference on machine learning","author":"Chen"},{"key":"ref50","first-page":"16199","article-title":"Robust pre-training by adversarial contrastive learning","volume":"33","author":"Jiang","year":"2020","journal-title":"Advances in neural information processing systems"},{"key":"ref51","first-page":"21480","article-title":"When does contrastive learning preserve adversarial robustness from pretraining to finetuning?","volume":"34","author":"Fan","year":"2021","journal-title":"Advances in neural information processing systems"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR46437.2021.01549"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR52733.2024.02484"},{"key":"ref54","article-title":"Universal and transferable adversarial attacks on aligned language models","author":"Zou","year":"2023"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.findings-emnlp.301"},{"key":"ref56","article-title":"Beavertails: Towards improved safety alignment of llm via a human-preference dataset","volume":"36","author":"Ji","year":"2024","journal-title":"Advances in Neural Information Processing Systems"},{"key":"ref57","article-title":"Perspective api","author":"Jigsaw","year":"2017"},{"key":"ref58","article-title":"Robust clip: Unsupervised adversarial fine-tuning of vision embeddings for robust large vision-language models","author":"Schlarmann","year":"2024"},{"key":"ref59","article-title":"Diffusion models for adversarial purification","author":"Nie","year":"2022"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2015.7299087"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2019.00331"}],"event":{"name":"2024 IEEE International Conference on Big Data (BigData)","location":"Washington, DC, USA","start":{"date-parts":[[2024,12,15]]},"end":{"date-parts":[[2024,12,18]]}},"container-title":["2024 IEEE International Conference on Big Data (BigData)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/10824975\/10824942\/10825099.pdf?arnumber=10825099","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,17]],"date-time":"2025-01-17T07:45:21Z","timestamp":1737099921000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10825099\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,15]]},"references-count":61,"URL":"https:\/\/doi.org\/10.1109\/bigdata62323.2024.10825099","relation":{},"subject":[],"published":{"date-parts":[[2024,12,15]]}}}