MM-SafetyBench: A Benchmark for Safety Evaluation of Multimodal Large Language Models

Xin Liu; Yichen Zhu; Jindong Gu; Yunshi Lan; Chao Yang; Yu Qiao

doi:10.1007/978-3-031-72992-8_22

MM-SafetyBench: A Benchmark for Safety Evaluation of Multimodal Large Language Models

Xin Liu^*
, Yichen Zhu
, Jindong Gu
, Yunshi Lan^*
, Chao Yang^*
, Yu Qiao

^*此作品的通讯作者

数据科学与工程学院

East China Normal University
Shanghai AI Laboratory
Midea Group
University of Oxford

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

60 引用（Scopus）

摘要

The security concerns surrounding Large Language Models (LLMs) have been extensively explored, yet the safety of Multimodal Large Language Models (MLLMs) remains understudied. In this paper, we observe that Multimodal Large Language Models (MLLMs) can be easily compromised by simple query-relevant images when paired with a malicious text query. This attack is achieved without the need for adversarial attacks on either the text or the images. To address this, we introduce MM-SafetyBench, a comprehensive framework designed for conducting safety-critical evaluations of MLLMs against such image-based manipulations. We have compiled a dataset comprising 13 scenarios, resulting in a total of 5,040 text-image pairs. Our analysis across 12 state-of-the-art models reveals that MLLMs are susceptible to breaches instigated by our approach, even when the equipped LLMs have been safety-aligned. In response, we propose a straightforward yet effective prompting strategy to enhance the resilience of MLLMs against these types of attacks. Our work underscores the need for a concerted effort to strengthen and enhance the safety measures of open-source MLLMs against potential malicious exploits. The resource is available at https://github.com/isXinLiu/MM-SafetyBench.

源语言	英语
主期刊名	Computer Vision – ECCV 2024 - 18th European Conference, Proceedings
编辑	Aleš Leonardis, Elisa Ricci, Stefan Roth, Olga Russakovsky, Torsten Sattler, Gül Varol
出版商	Springer Science and Business Media Deutschland GmbH
页	386-403
页数	18
ISBN（印刷版）	9783031729911
DOI	https://doi.org/10.1007/978-3-031-72992-8_22
出版状态	已出版 - 2025
活动	18th European Conference on Computer Vision, ECCV 2024 - Milan, 意大利期限: 29 9月 2024 → 4 10月 2024

出版系列

姓名	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
卷	15114 LNCS
ISSN（印刷版）	0302-9743
ISSN（电子版）	1611-3349

会议

会议	18th European Conference on Computer Vision, ECCV 2024
国家/地区	意大利
市	Milan
时期	29/09/24 → 4/10/24

访问文件

10.1007/978-3-031-72992-8_22

其它文件与链接

链接到 Scopus 的出版物

引用此

Liu, X., Zhu, Y., Gu, J., Lan, Y., Yang, C., & Qiao, Y. (2025). MM-SafetyBench: A Benchmark for Safety Evaluation of Multimodal Large Language Models. 在 A. Leonardis, E. Ricci, S. Roth, O. Russakovsky, T. Sattler, & G. Varol (编辑), Computer Vision – ECCV 2024 - 18th European Conference, Proceedings (页码 386-403). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); 卷 15114 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-72992-8_22

Liu, Xin ; Zhu, Yichen ; Gu, Jindong 等. / MM-SafetyBench : A Benchmark for Safety Evaluation of Multimodal Large Language Models. Computer Vision – ECCV 2024 - 18th European Conference, Proceedings. 编辑 / Aleš Leonardis ; Elisa Ricci ; Stefan Roth ; Olga Russakovsky ; Torsten Sattler ; Gül Varol. Springer Science and Business Media Deutschland GmbH, 2025. 页码 386-403 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{b271533d3bdc43ae8e5817fcc44b66cc,

title = "MM-SafetyBench: A Benchmark for Safety Evaluation of Multimodal Large Language Models",

abstract = "The security concerns surrounding Large Language Models (LLMs) have been extensively explored, yet the safety of Multimodal Large Language Models (MLLMs) remains understudied. In this paper, we observe that Multimodal Large Language Models (MLLMs) can be easily compromised by simple query-relevant images when paired with a malicious text query. This attack is achieved without the need for adversarial attacks on either the text or the images. To address this, we introduce MM-SafetyBench, a comprehensive framework designed for conducting safety-critical evaluations of MLLMs against such image-based manipulations. We have compiled a dataset comprising 13 scenarios, resulting in a total of 5,040 text-image pairs. Our analysis across 12 state-of-the-art models reveals that MLLMs are susceptible to breaches instigated by our approach, even when the equipped LLMs have been safety-aligned. In response, we propose a straightforward yet effective prompting strategy to enhance the resilience of MLLMs against these types of attacks. Our work underscores the need for a concerted effort to strengthen and enhance the safety measures of open-source MLLMs against potential malicious exploits. The resource is available at https://github.com/isXinLiu/MM-SafetyBench.",

keywords = "Benchmark, Multimodal Large Language Models, Safety",

author = "Xin Liu and Yichen Zhu and Jindong Gu and Yunshi Lan and Chao Yang and Yu Qiao",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.; 18th European Conference on Computer Vision, ECCV 2024 ; Conference date: 29-09-2024 Through 04-10-2024",

year = "2025",

doi = "10.1007/978-3-031-72992-8\_22",

language = "英语",

isbn = "9783031729911",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "386--403",

editor = "Ale{\v s} Leonardis and Elisa Ricci and Stefan Roth and Olga Russakovsky and Torsten Sattler and G{\"u}l Varol",

booktitle = "Computer Vision – ECCV 2024 - 18th European Conference, Proceedings",

address = "德国",

}

Liu, X, Zhu, Y, Gu, J, Lan, Y, Yang, C & Qiao, Y 2025, MM-SafetyBench: A Benchmark for Safety Evaluation of Multimodal Large Language Models. 在 A Leonardis, E Ricci, S Roth, O Russakovsky, T Sattler & G Varol (编辑), Computer Vision – ECCV 2024 - 18th European Conference, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 卷 15114 LNCS, Springer Science and Business Media Deutschland GmbH, 页码 386-403, 18th European Conference on Computer Vision, ECCV 2024, Milan, 意大利, 29/09/24. https://doi.org/10.1007/978-3-031-72992-8_22

MM-SafetyBench: A Benchmark for Safety Evaluation of Multimodal Large Language Models. / Liu, Xin; Zhu, Yichen; Gu, Jindong 等.
Computer Vision – ECCV 2024 - 18th European Conference, Proceedings. 编辑 / Aleš Leonardis; Elisa Ricci; Stefan Roth; Olga Russakovsky; Torsten Sattler; Gül Varol. Springer Science and Business Media Deutschland GmbH, 2025. 页码 386-403 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); 卷 15114 LNCS).

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

TY - GEN

T1 - MM-SafetyBench

T2 - 18th European Conference on Computer Vision, ECCV 2024

AU - Liu, Xin

AU - Zhu, Yichen

AU - Gu, Jindong

AU - Lan, Yunshi

AU - Yang, Chao

AU - Qiao, Yu

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.

PY - 2025

Y1 - 2025

N2 - The security concerns surrounding Large Language Models (LLMs) have been extensively explored, yet the safety of Multimodal Large Language Models (MLLMs) remains understudied. In this paper, we observe that Multimodal Large Language Models (MLLMs) can be easily compromised by simple query-relevant images when paired with a malicious text query. This attack is achieved without the need for adversarial attacks on either the text or the images. To address this, we introduce MM-SafetyBench, a comprehensive framework designed for conducting safety-critical evaluations of MLLMs against such image-based manipulations. We have compiled a dataset comprising 13 scenarios, resulting in a total of 5,040 text-image pairs. Our analysis across 12 state-of-the-art models reveals that MLLMs are susceptible to breaches instigated by our approach, even when the equipped LLMs have been safety-aligned. In response, we propose a straightforward yet effective prompting strategy to enhance the resilience of MLLMs against these types of attacks. Our work underscores the need for a concerted effort to strengthen and enhance the safety measures of open-source MLLMs against potential malicious exploits. The resource is available at https://github.com/isXinLiu/MM-SafetyBench.

AB - The security concerns surrounding Large Language Models (LLMs) have been extensively explored, yet the safety of Multimodal Large Language Models (MLLMs) remains understudied. In this paper, we observe that Multimodal Large Language Models (MLLMs) can be easily compromised by simple query-relevant images when paired with a malicious text query. This attack is achieved without the need for adversarial attacks on either the text or the images. To address this, we introduce MM-SafetyBench, a comprehensive framework designed for conducting safety-critical evaluations of MLLMs against such image-based manipulations. We have compiled a dataset comprising 13 scenarios, resulting in a total of 5,040 text-image pairs. Our analysis across 12 state-of-the-art models reveals that MLLMs are susceptible to breaches instigated by our approach, even when the equipped LLMs have been safety-aligned. In response, we propose a straightforward yet effective prompting strategy to enhance the resilience of MLLMs against these types of attacks. Our work underscores the need for a concerted effort to strengthen and enhance the safety measures of open-source MLLMs against potential malicious exploits. The resource is available at https://github.com/isXinLiu/MM-SafetyBench.

KW - Benchmark

KW - Multimodal Large Language Models

KW - Safety

UR - https://www.scopus.com/pages/publications/85208547210

U2 - 10.1007/978-3-031-72992-8_22

DO - 10.1007/978-3-031-72992-8_22

M3 - 会议稿件

AN - SCOPUS:85208547210

SN - 9783031729911

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 386

EP - 403

BT - Computer Vision – ECCV 2024 - 18th European Conference, Proceedings

A2 - Leonardis, Aleš

A2 - Ricci, Elisa

A2 - Roth, Stefan

A2 - Russakovsky, Olga

A2 - Sattler, Torsten

A2 - Varol, Gül

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 29 September 2024 through 4 October 2024

ER -

Liu X, Zhu Y, Gu J, Lan Y, Yang C, Qiao Y. MM-SafetyBench: A Benchmark for Safety Evaluation of Multimodal Large Language Models. 在 Leonardis A, Ricci E, Roth S, Russakovsky O, Sattler T, Varol G, 编辑, Computer Vision – ECCV 2024 - 18th European Conference, Proceedings. Springer Science and Business Media Deutschland GmbH. 2025. 页码 386-403. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-72992-8_22

MM-SafetyBench: A Benchmark for Safety Evaluation of Multimodal Large Language Models

摘要

出版系列

会议

访问文件

其它文件与链接

指纹

引用此