VLM-Guard: Safeguarding Vision-Language Models via Fulfilling Safety Alignment Gap
This addresses safety concerns for users of vision-language models, though it is an incremental improvement focused on mitigating a specific vulnerability.
The paper tackles the safety vulnerability of vision-language models (VLMs) due to the modality gap between image and text representations, which undermines safety alignment from LLMs. It proposes VLM-Guard, an inference-time intervention strategy that projects VLM representations to align with LLM safety steering, showing effectiveness in safeguarding VLMs across three malicious instruction settings.
The emergence of vision language models (VLMs) comes with increased safety concerns, as the incorporation of multiple modalities heightens vulnerability to attacks. Although VLMs can be built upon LLMs that have textual safety alignment, it is easily undermined when the vision modality is integrated. We attribute this safety challenge to the modality gap, a separation of image and text in the shared representation space, which blurs the distinction between harmful and harmless queries that is evident in LLMs but weakened in VLMs. To avoid safety decay and fulfill the safety alignment gap, we propose VLM-Guard, an inference-time intervention strategy that leverages the LLM component of a VLM as supervision for the safety alignment of the VLM. VLM-Guard projects the representations of VLM into the subspace that is orthogonal to the safety steering direction that is extracted from the safety-aligned LLM. Experimental results on three malicious instruction settings show the effectiveness of VLM-Guard in safeguarding VLM and fulfilling the safety alignment gap between VLM and its LLM component.