English

Learning to Detect Unknown Jailbreak Attacks in Large Vision-Language Models

Computer Vision and Pattern Recognition 2025-10-21 v2 Artificial Intelligence

Abstract

Despite extensive alignment efforts, Large Vision-Language Models (LVLMs) remain vulnerable to jailbreak attacks, posing serious safety risks. To address this, existing detection methods either learn attack-specific parameters, which hinders generalization to unseen attacks, or rely on heuristically sound principles, which limit accuracy and efficiency. To overcome these limitations, we propose Learning to Detect (LoD), a general framework that accurately detects unknown jailbreak attacks by shifting the focus from attack-specific learning to task-specific learning. This framework includes a Multi-modal Safety Concept Activation Vector module for safety-oriented representation learning and a Safety Pattern Auto-Encoder module for unsupervised attack classification. Extensive experiments show that our method achieves consistently higher detection AUROC on diverse unknown attacks while improving efficiency. The code is available at https://anonymous.4open.science/r/Learning-to-Detect-51CB.

Keywords

Cite

@article{arxiv.2510.15430,
  title  = {Learning to Detect Unknown Jailbreak Attacks in Large Vision-Language Models},
  author = {Shuang Liang and Zhihao Xu and Jialing Tao and Hui Xue and Xiting Wang},
  journal= {arXiv preprint arXiv:2510.15430},
  year   = {2025}
}

Comments

Withdrawn due to an accidental duplicate submission. This paper (arXiv:2510.15430) was unintentionally submitted as a new entry instead of a new version of our previous work (arXiv:2508.09201)

R2 v1 2026-07-01T06:42:49.300Z