Watch, Listen, Understand, Mislead: Tri-modal Adversarial Attacks on Short Videos for Content Appropriateness Evaluation

📅 2025-07-16
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
Current短视频 content moderation relies heavily on unimodal adversarial attacks for evaluating multimodal large language models (MLLMs), failing to expose robustness deficiencies arising from joint visual, auditory, and semantic understanding. This work proposes ChimeraBreak—the first trimodal co-adversarial attack framework tailored for short videos—alongside SVMA, the first multimodal adversarial dataset for short-video safety evaluation. We introduce a human-guided synthesis strategy and an LLM-as-a-judge automated assessment mechanism to rigorously quantify model failures. Experiments demonstrate high attack success rates across mainstream MLLMs and systematically uncover diverse cross-modal misjudgment failure patterns. Our study not only reveals critical safety vulnerabilities of state-of-the-art MLLMs in real-world content moderation scenarios but also establishes a reproducible benchmark and empirically grounded improvement pathway for enhancing the robustness of multimodal safety systems.

Technology Category

Application Category

📝 Abstract
Multimodal Large Language Models (MLLMs) are increasingly used for content moderation, yet their robustness in short-form video contexts remains underexplored. Current safety evaluations often rely on unimodal attacks, failing to address combined attack vulnerabilities. In this paper, we introduce a comprehensive framework for evaluating the tri-modal safety of MLLMs. First, we present the Short-Video Multimodal Adversarial (SVMA) dataset, comprising diverse short-form videos with human-guided synthetic adversarial attacks. Second, we propose ChimeraBreak, a novel tri-modal attack strategy that simultaneously challenges visual, auditory, and semantic reasoning pathways. Extensive experiments on state-of-the-art MLLMs reveal significant vulnerabilities with high Attack Success Rates (ASR). Our findings uncover distinct failure modes, showing model biases toward misclassifying benign or policy-violating content. We assess results using LLM-as-a-judge, demonstrating attack reasoning efficacy. Our dataset and findings provide crucial insights for developing more robust and safe MLLMs.
Problem

Research questions and friction points this paper is trying to address.

Evaluating tri-modal safety vulnerabilities in MLLMs for short videos
Addressing combined attack weaknesses in multimodal content moderation
Assessing model biases in misclassifying benign or violating content
Innovation

Methods, ideas, or system contributions that make the work stand out.

SVMA dataset with human-guided synthetic attacks
ChimeraBreak tri-modal attack strategy
Evaluates visual, auditory, semantic vulnerabilities
🔎 Similar Papers
No similar papers found.
Authors to Follow
S
Sahid Hossain Mustakim
United International University
S
S M Jishanul Islam
United International University
Ummay Maria Muna
Ummay Maria Muna
Research Assistant at BRAC University
Machine LearningComputer VisionMultimodal LearningBiomedical AIBioinformatics
M
Montasir Chowdhury
United International University
M
Mohammed Jawwadul Islam
United International University
S
Sadia Ahmmed
University of British Columbia
T
Tashfia Sikder
Bangladesh University of Professionals
S
Syed Tasdid Azam Dhrubo
University of Alberta
Swakkhar Shatabda
Swakkhar Shatabda
Professor, School of Data and Sciences, BRAC University
optimizationmachine learningcomputational biologybioinformatics