Skip to content
/ CIA Public

Enhancing Cross-Prompt Transferability in Vision-Language Models through Contextual Injection of Target Tokens

License

MIT license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

YancyKahn/CIA

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
assets
assets
 
 
data
data
 
 
experiments
experiments
 
 
utils
utils
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
config.py
config.py
 
 
demo.ipynb
demo.ipynb
 
 
environment.yml
environment.yml
 
 
main.py
main.py
 
 

Repository files navigation

Enhancing Cross-Prompt Transferability in Vision-Language Models through Contextual Injection of Target Tokens

https://arxiv.org/abs/2406.13294

This project aims to attack vision-language models, such as blip2, instructBLIP, llava.

Vision-language models (VLMs) seamlessly integrate visual and textual data to perform tasks such as image classification, caption generation, and visual question answering. However, adversarial images often struggle to deceive all prompts effectively in the context of cross-prompt migration attacks, as the probability distribution of the tokens in these images tends to favor the semantics of the original image rather than the target tokens. To address this challenge, we propose a Contextual-Injection Attack (CIA) that employs gradient-based perturbation to inject target tokens into both visual and textual contexts, thereby improving the probability distribution of the target tokens. By shifting the contextual semantics towards the target tokens instead of the original image semantics, CIA enhances the cross-prompt transferability of adversarial images.

Overall Stucture

Dependencies

You can create and activate the same running environment and install dependencies as us by using the following commands:

conda env create -f environment.yaml
conda activate vllm-attack

Datasets

Download VisualQA dataset from https://visualqa.org/

aria2c -x 5 -c http://images.cocodataset.org/zips/train2014.zip

Run

You can run some examples using the following commands:

python main.py --device 0 --model_name "blip2" --image_path "./data/visualQA-train-demo/COCO_train2014_000000000009.jpg" --alpha 0.6 --beta 0.6 --benchmark "vllm-attack" --max_iter 1000 --embel_setting "nofix" --target_class "dog" --check_keyword 'dog' --output_texts "dog dog"

Projects

This project has been modified from the following projects:

CroPA provide the baseline of this work.

Citation

@misc{yang2024enhancing,
      title={Enhancing Cross-Prompt Transferability in Vision-Language Models through Contextual Injection of Target Tokens}, 
      author={Xikang Yang and Xuehai Tang and Fuqing Zhu and Jizhong Han and Songlin Hu},
      year={2024},
      eprint={2406.13294},
      archivePrefix={arXiv}
}

License

This codebase is released under MIT License.

About

Enhancing Cross-Prompt Transferability in Vision-Language Models through Contextual Injection of Target Tokens

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages