A side-channel attack infers ViT patch size from periodic accuracy collapses on aligned grid images, enabling preprocessing-aware transfer attacks on VLMs.
Proceedings of the 2024 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies (Volume 1: Long Papers) , pages=
2 Pith papers cite this work. Polarity classification is still indexing.
2
Pith papers citing it
years
2026 2verdicts
UNVERDICTED 2representative citing papers
NightVision recovers LLM hidden dimension to 23% average relative error (9% on MoE) and depth/parameter count to 53% on models >3B parameters using common-set prompting, spectral analysis, and TTFT under single-logit black-box access.
citing papers explorer
-
Steal the Patch Size: Adversarially Manipulate Vision-Language Models
A side-channel attack infers ViT patch size from periodic accuracy collapses on aligned grid images, enabling preprocessing-aware transfer attacks on VLMs.
-
Black-Box Inference of LLM Architectural Properties with Restrictive API Access
NightVision recovers LLM hidden dimension to 23% average relative error (9% on MoE) and depth/parameter count to 53% on models >3B parameters using common-set prompting, spectral analysis, and TTFT under single-logit black-box access.