Defense-prefix for preventing typographic attacks on clip

Hiroki Azuma, Yusuke Matsui · 2023 · arXiv 2304.04512

1 Pith paper cite this work. Polarity classification is still indexing.

1 Pith paper citing it

representative citing papers

One Perturbation, Two Failure Modes: Probing VLM Safety via Embedding-Guided Typographic Perturbations

cs.CV · 2026-04-28 · unverdicted · novelty 6.0

Multimodal embedding distance predicts typographic attack success rate across VLMs, and optimizing it under bounded perturbations on surrogates exposes two co-occurring failure modes of lost readability and reduced safety refusals.

citing papers explorer

Showing 1 of 1 citing paper.

One Perturbation, Two Failure Modes: Probing VLM Safety via Embedding-Guided Typographic Perturbations cs.CV · 2026-04-28 · unverdicted · none · ref 1
Multimodal embedding distance predicts typographic attack success rate across VLMs, and optimizing it under bounded perturbations on surrogates exposes two co-occurring failure modes of lost readability and reduced safety refusals.

Defense-prefix for preventing typographic attacks on clip

fields

years

verdicts

representative citing papers

citing papers explorer