Abstract / Description of output
Current vision large language models (VLLMs) exhibit remarkable capabilities yet are prone to generate harmful content and are vulnerable to even the simplest jail breaking attacks. Our initial analysis finds that this is due to the presence of harmful data during vision-language instruction fine-tuning, and that VLLM fine-tuning can cause forgetting of safety alignment previously learned by the underpinning LLM. To address this issue, we first curate a vision-language safety instruction-following dataset VLGuard covering various harmful categories. Our experiments demonstrate that integrating this dataset into standard vision-language fine-tuning or utilizing it for post-hoc fine-tuning effectively safety aligns VLLMs. This alignment is achieved with minimal impact on, or even enhancement of, the models’ helpfulness. The versatility of our safety fine-tuning dataset makes it a valuable resource for safety-testing existing VLLMs, training new models or safeguarding pre-trained VLLMs. Empirical results demonstrate that fine-tuned VLLMs effectively reject unsafe instructions and substantially reduce the success rates of several blackbox adversarial attacks, which approach zero in many cases.
Original language | English |
---|---|
Title of host publication | Proceedings of the 41st International Conference on Machine Learning |
DOIs | |
Publication status | Accepted/In press - 15 May 2024 |
Event | The 41st International Conference on Machine Learning - Vienna, Austria Duration: 21 Jul 2024 → 27 Jul 2024 https://icml.cc/ |
Conference
Conference | The 41st International Conference on Machine Learning |
---|---|
Abbreviated title | ICML 2024 |
Country/Territory | Austria |
City | Vienna |
Period | 21/07/24 → 27/07/24 |
Internet address |