The Security Threat of Compressed Projectors in Large Vision-Language Models Article Swipe
Yudong Zhang
,
Ruobing Xie
,
Xingwu Sun
,
Jiansheng Chen
,
Zhanhui Kang
,
Di Wang
,
Yu Wang
·
YOU?
·
· 2025
· Open Access
·
· DOI: https://doi.org/10.48550/arxiv.2506.00534
YOU?
·
· 2025
· Open Access
·
· DOI: https://doi.org/10.48550/arxiv.2506.00534
The choice of a suitable visual language projector (VLP) is critical to the successful training of large visual language models (LVLMs). Mainstream VLPs can be broadly categorized into compressed and uncompressed projectors, and each offers distinct advantages in performance and computational efficiency. However, their security implications have not been thoroughly examined. Our comprehensive evaluation reveals significant differences in their security profiles: compressed projectors exhibit substantial vulnerabilities, allowing adversaries to successfully compromise LVLMs even with minimal knowledge of structure information. In stark contrast, uncompressed projectors demonstrate robust security properties and do not introduce additional vulnerabilities. These findings provide critical guidance for researchers in selecting optimal VLPs that enhance the security and reliability of visual language models. The code is available at https://github.com/btzyd/TCP.
Related Topics
Concepts
No concepts available.
Metadata
- Type
- preprint
- Language
- en
- Landing Page
- http://arxiv.org/abs/2506.00534
- https://arxiv.org/pdf/2506.00534
- OA Status
- green
- OpenAlex ID
- https://openalex.org/W4414890929
All OpenAlex metadata
Raw OpenAlex JSON
- OpenAlex ID
-
https://openalex.org/W4414890929Canonical identifier for this work in OpenAlex
- DOI
-
https://doi.org/10.48550/arxiv.2506.00534Digital Object Identifier
- Title
-
The Security Threat of Compressed Projectors in Large Vision-Language ModelsWork title
- Type
-
preprintOpenAlex work type
- Language
-
enPrimary language
- Publication year
-
2025Year of publication
- Publication date
-
2025-05-31Full publication date if available
- Authors
-
Yudong Zhang, Ruobing Xie, Xingwu Sun, Jiansheng Chen, Zhanhui Kang, Di Wang, Yu WangList of authors in order
- Landing page
-
https://arxiv.org/abs/2506.00534Publisher landing page
- PDF URL
-
https://arxiv.org/pdf/2506.00534Direct link to full text PDF
- Open access
-
YesWhether a free full text is available
- OA status
-
greenOpen access status per OpenAlex
- OA URL
-
https://arxiv.org/pdf/2506.00534Direct OA link when available
- Cited by
-
0Total citation count in OpenAlex
Full payload
| id | https://openalex.org/W4414890929 |
|---|---|
| doi | https://doi.org/10.48550/arxiv.2506.00534 |
| ids.doi | https://doi.org/10.48550/arxiv.2506.00534 |
| ids.openalex | https://openalex.org/W4414890929 |
| fwci | |
| type | preprint |
| title | The Security Threat of Compressed Projectors in Large Vision-Language Models |
| biblio.issue | |
| biblio.volume | |
| biblio.last_page | |
| biblio.first_page | |
| topics[0].id | https://openalex.org/T12357 |
| topics[0].field.id | https://openalex.org/fields/17 |
| topics[0].field.display_name | Computer Science |
| topics[0].score | 0.9283000230789185 |
| topics[0].domain.id | https://openalex.org/domains/3 |
| topics[0].domain.display_name | Physical Sciences |
| topics[0].subfield.id | https://openalex.org/subfields/1707 |
| topics[0].subfield.display_name | Computer Vision and Pattern Recognition |
| topics[0].display_name | Digital Media Forensic Detection |
| is_xpac | False |
| apc_list | |
| apc_paid | |
| language | en |
| locations[0].id | pmh:oai:arXiv.org:2506.00534 |
| locations[0].is_oa | True |
| locations[0].source.id | https://openalex.org/S4306400194 |
| locations[0].source.issn | |
| locations[0].source.type | repository |
| locations[0].source.is_oa | True |
| locations[0].source.issn_l | |
| locations[0].source.is_core | False |
| locations[0].source.is_in_doaj | False |
| locations[0].source.display_name | arXiv (Cornell University) |
| locations[0].source.host_organization | https://openalex.org/I205783295 |
| locations[0].source.host_organization_name | Cornell University |
| locations[0].source.host_organization_lineage | https://openalex.org/I205783295 |
| locations[0].license | |
| locations[0].pdf_url | https://arxiv.org/pdf/2506.00534 |
| locations[0].version | submittedVersion |
| locations[0].raw_type | text |
| locations[0].license_id | |
| locations[0].is_accepted | False |
| locations[0].is_published | False |
| locations[0].raw_source_name | |
| locations[0].landing_page_url | http://arxiv.org/abs/2506.00534 |
| locations[1].id | doi:10.48550/arxiv.2506.00534 |
| locations[1].is_oa | True |
| locations[1].source.id | https://openalex.org/S4306400194 |
| locations[1].source.issn | |
| locations[1].source.type | repository |
| locations[1].source.is_oa | True |
| locations[1].source.issn_l | |
| locations[1].source.is_core | False |
| locations[1].source.is_in_doaj | False |
| locations[1].source.display_name | arXiv (Cornell University) |
| locations[1].source.host_organization | https://openalex.org/I205783295 |
| locations[1].source.host_organization_name | Cornell University |
| locations[1].source.host_organization_lineage | https://openalex.org/I205783295 |
| locations[1].license | cc-by |
| locations[1].pdf_url | |
| locations[1].version | |
| locations[1].raw_type | article |
| locations[1].license_id | https://openalex.org/licenses/cc-by |
| locations[1].is_accepted | False |
| locations[1].is_published | |
| locations[1].raw_source_name | |
| locations[1].landing_page_url | https://doi.org/10.48550/arxiv.2506.00534 |
| indexed_in | arxiv, datacite |
| authorships[0].author.id | https://openalex.org/A5100434437 |
| authorships[0].author.orcid | https://orcid.org/0000-0002-4870-1493 |
| authorships[0].author.display_name | Yudong Zhang |
| authorships[0].author_position | first |
| authorships[0].raw_author_name | Zhang, Yudong |
| authorships[0].is_corresponding | False |
| authorships[1].author.id | https://openalex.org/A5101577090 |
| authorships[1].author.orcid | https://orcid.org/0000-0003-3170-5647 |
| authorships[1].author.display_name | Ruobing Xie |
| authorships[1].author_position | middle |
| authorships[1].raw_author_name | Xie, Ruobing |
| authorships[1].is_corresponding | False |
| authorships[2].author.id | https://openalex.org/A5039337290 |
| authorships[2].author.orcid | |
| authorships[2].author.display_name | Xingwu Sun |
| authorships[2].author_position | middle |
| authorships[2].raw_author_name | Sun, Xingwu |
| authorships[2].is_corresponding | False |
| authorships[3].author.id | https://openalex.org/A5100668653 |
| authorships[3].author.orcid | https://orcid.org/0000-0002-2040-7938 |
| authorships[3].author.display_name | Jiansheng Chen |
| authorships[3].author_position | middle |
| authorships[3].raw_author_name | Chen, Jiansheng |
| authorships[3].is_corresponding | False |
| authorships[4].author.id | https://openalex.org/A5020128898 |
| authorships[4].author.orcid | https://orcid.org/0009-0006-5151-4222 |
| authorships[4].author.display_name | Zhanhui Kang |
| authorships[4].author_position | middle |
| authorships[4].raw_author_name | Kang, Zhanhui |
| authorships[4].is_corresponding | False |
| authorships[5].author.id | https://openalex.org/A5003870232 |
| authorships[5].author.orcid | https://orcid.org/0000-0003-0232-8862 |
| authorships[5].author.display_name | Di Wang |
| authorships[5].author_position | middle |
| authorships[5].raw_author_name | Wang, Di |
| authorships[5].is_corresponding | False |
| authorships[6].author.id | https://openalex.org/A5101553530 |
| authorships[6].author.orcid | https://orcid.org/0000-0003-4775-200X |
| authorships[6].author.display_name | Yu Wang |
| authorships[6].author_position | last |
| authorships[6].raw_author_name | Wang, Yu |
| authorships[6].is_corresponding | False |
| has_content.pdf | False |
| has_content.grobid_xml | False |
| is_paratext | False |
| open_access.is_oa | True |
| open_access.oa_url | https://arxiv.org/pdf/2506.00534 |
| open_access.oa_status | green |
| open_access.any_repository_has_fulltext | False |
| created_date | 2025-10-10T00:00:00 |
| display_name | The Security Threat of Compressed Projectors in Large Vision-Language Models |
| has_fulltext | False |
| is_retracted | False |
| updated_date | 2025-11-06T06:51:31.235846 |
| primary_topic.id | https://openalex.org/T12357 |
| primary_topic.field.id | https://openalex.org/fields/17 |
| primary_topic.field.display_name | Computer Science |
| primary_topic.score | 0.9283000230789185 |
| primary_topic.domain.id | https://openalex.org/domains/3 |
| primary_topic.domain.display_name | Physical Sciences |
| primary_topic.subfield.id | https://openalex.org/subfields/1707 |
| primary_topic.subfield.display_name | Computer Vision and Pattern Recognition |
| primary_topic.display_name | Digital Media Forensic Detection |
| cited_by_count | 0 |
| locations_count | 2 |
| best_oa_location.id | pmh:oai:arXiv.org:2506.00534 |
| best_oa_location.is_oa | True |
| best_oa_location.source.id | https://openalex.org/S4306400194 |
| best_oa_location.source.issn | |
| best_oa_location.source.type | repository |
| best_oa_location.source.is_oa | True |
| best_oa_location.source.issn_l | |
| best_oa_location.source.is_core | False |
| best_oa_location.source.is_in_doaj | False |
| best_oa_location.source.display_name | arXiv (Cornell University) |
| best_oa_location.source.host_organization | https://openalex.org/I205783295 |
| best_oa_location.source.host_organization_name | Cornell University |
| best_oa_location.source.host_organization_lineage | https://openalex.org/I205783295 |
| best_oa_location.license | |
| best_oa_location.pdf_url | https://arxiv.org/pdf/2506.00534 |
| best_oa_location.version | submittedVersion |
| best_oa_location.raw_type | text |
| best_oa_location.license_id | |
| best_oa_location.is_accepted | False |
| best_oa_location.is_published | False |
| best_oa_location.raw_source_name | |
| best_oa_location.landing_page_url | http://arxiv.org/abs/2506.00534 |
| primary_location.id | pmh:oai:arXiv.org:2506.00534 |
| primary_location.is_oa | True |
| primary_location.source.id | https://openalex.org/S4306400194 |
| primary_location.source.issn | |
| primary_location.source.type | repository |
| primary_location.source.is_oa | True |
| primary_location.source.issn_l | |
| primary_location.source.is_core | False |
| primary_location.source.is_in_doaj | False |
| primary_location.source.display_name | arXiv (Cornell University) |
| primary_location.source.host_organization | https://openalex.org/I205783295 |
| primary_location.source.host_organization_name | Cornell University |
| primary_location.source.host_organization_lineage | https://openalex.org/I205783295 |
| primary_location.license | |
| primary_location.pdf_url | https://arxiv.org/pdf/2506.00534 |
| primary_location.version | submittedVersion |
| primary_location.raw_type | text |
| primary_location.license_id | |
| primary_location.is_accepted | False |
| primary_location.is_published | False |
| primary_location.raw_source_name | |
| primary_location.landing_page_url | http://arxiv.org/abs/2506.00534 |
| publication_date | 2025-05-31 |
| publication_year | 2025 |
| referenced_works_count | 0 |
| abstract_inverted_index.a | 3 |
| abstract_inverted_index.In | 79 |
| abstract_inverted_index.at | 119 |
| abstract_inverted_index.be | 24 |
| abstract_inverted_index.do | 89 |
| abstract_inverted_index.in | 37, 57, 101 |
| abstract_inverted_index.is | 9, 117 |
| abstract_inverted_index.of | 2, 15, 76, 111 |
| abstract_inverted_index.to | 11, 68 |
| abstract_inverted_index.Our | 51 |
| abstract_inverted_index.The | 0, 115 |
| abstract_inverted_index.and | 29, 32, 39, 88, 109 |
| abstract_inverted_index.can | 23 |
| abstract_inverted_index.for | 99 |
| abstract_inverted_index.not | 47, 90 |
| abstract_inverted_index.the | 12, 107 |
| abstract_inverted_index.VLPs | 22, 104 |
| abstract_inverted_index.been | 48 |
| abstract_inverted_index.code | 116 |
| abstract_inverted_index.each | 33 |
| abstract_inverted_index.even | 72 |
| abstract_inverted_index.have | 46 |
| abstract_inverted_index.into | 27 |
| abstract_inverted_index.that | 105 |
| abstract_inverted_index.with | 73 |
| abstract_inverted_index.(VLP) | 8 |
| abstract_inverted_index.LVLMs | 71 |
| abstract_inverted_index.These | 94 |
| abstract_inverted_index.large | 16 |
| abstract_inverted_index.stark | 80 |
| abstract_inverted_index.their | 43, 58 |
| abstract_inverted_index.choice | 1 |
| abstract_inverted_index.models | 19 |
| abstract_inverted_index.offers | 34 |
| abstract_inverted_index.robust | 85 |
| abstract_inverted_index.visual | 5, 17, 112 |
| abstract_inverted_index.broadly | 25 |
| abstract_inverted_index.enhance | 106 |
| abstract_inverted_index.exhibit | 63 |
| abstract_inverted_index.minimal | 74 |
| abstract_inverted_index.models. | 114 |
| abstract_inverted_index.optimal | 103 |
| abstract_inverted_index.provide | 96 |
| abstract_inverted_index.reveals | 54 |
| abstract_inverted_index.(LVLMs). | 20 |
| abstract_inverted_index.However, | 42 |
| abstract_inverted_index.allowing | 66 |
| abstract_inverted_index.critical | 10, 97 |
| abstract_inverted_index.distinct | 35 |
| abstract_inverted_index.findings | 95 |
| abstract_inverted_index.guidance | 98 |
| abstract_inverted_index.language | 6, 18, 113 |
| abstract_inverted_index.security | 44, 59, 86, 108 |
| abstract_inverted_index.suitable | 4 |
| abstract_inverted_index.training | 14 |
| abstract_inverted_index.available | 118 |
| abstract_inverted_index.contrast, | 81 |
| abstract_inverted_index.examined. | 50 |
| abstract_inverted_index.introduce | 91 |
| abstract_inverted_index.knowledge | 75 |
| abstract_inverted_index.profiles: | 60 |
| abstract_inverted_index.projector | 7 |
| abstract_inverted_index.selecting | 102 |
| abstract_inverted_index.structure | 77 |
| abstract_inverted_index.Mainstream | 21 |
| abstract_inverted_index.additional | 92 |
| abstract_inverted_index.advantages | 36 |
| abstract_inverted_index.compressed | 28, 61 |
| abstract_inverted_index.compromise | 70 |
| abstract_inverted_index.evaluation | 53 |
| abstract_inverted_index.projectors | 62, 83 |
| abstract_inverted_index.properties | 87 |
| abstract_inverted_index.successful | 13 |
| abstract_inverted_index.thoroughly | 49 |
| abstract_inverted_index.adversaries | 67 |
| abstract_inverted_index.categorized | 26 |
| abstract_inverted_index.demonstrate | 84 |
| abstract_inverted_index.differences | 56 |
| abstract_inverted_index.efficiency. | 41 |
| abstract_inverted_index.performance | 38 |
| abstract_inverted_index.projectors, | 31 |
| abstract_inverted_index.reliability | 110 |
| abstract_inverted_index.researchers | 100 |
| abstract_inverted_index.significant | 55 |
| abstract_inverted_index.substantial | 64 |
| abstract_inverted_index.implications | 45 |
| abstract_inverted_index.information. | 78 |
| abstract_inverted_index.successfully | 69 |
| abstract_inverted_index.uncompressed | 30, 82 |
| abstract_inverted_index.comprehensive | 52 |
| abstract_inverted_index.computational | 40 |
| abstract_inverted_index.vulnerabilities, | 65 |
| abstract_inverted_index.vulnerabilities. | 93 |
| abstract_inverted_index.https://github.com/btzyd/TCP. | 120 |
| cited_by_percentile_year | |
| countries_distinct_count | 0 |
| institutions_distinct_count | 7 |
| citation_normalized_percentile |