Jailbreaking Multimodal Large Language Models using Multi-Clip Video
For researchers and developers of multimodal LLMs, this work identifies video-specific vulnerabilities and proposes a defense, though it is incremental as it extends known image-based jailbreak studies to video.
The paper introduces MCV SafetyBench, a dataset of 2,920 videos to evaluate how video input diversity affects jailbreak vulnerability in MLLMs. Experiments on eight models show attack success increases with clip count, and video is more vulnerable than image, with dynamic and diverse videos being more susceptible.
As multimodal large language models (MLLMs) have advanced to process video inputs, concerns have emerged about their potential for malicious misuse. Prior jailbreak studies have shown that safety alignment in MLLMs can be bypassed through visual inputs, yet it remains unclear which properties of video inputs induce this vulnerability. To address this gap, we introduce Multi-Clip Video (MCV) SafetyBench, a dataset of 2,920 videos designed to evaluate how the diversity of video inputs affects the vulnerability of MLLMs. Each video consists of multiple short clips depicting diverse contexts related to a harmful query. Experiments on eight representative video MLLMs show that attack success consistently increases with the number of clips. Our results further indicate that the video modality is (1) more vulnerable than the image modality, (2) more vulnerable to dynamic videos than to static videos, and (3) more vulnerable when videos contain more diverse contexts. Building on these findings, we propose a defense strategy that leverages the relative robustness of the image modality.