Visual Self-Fulfilling Alignment: Shaping Safety-Oriented Personas via Threat-Related Images

· Source: cs.AI updates on arXiv.org · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Expert, extended

Summary

Visual Self-Fulfilling Alignment (VSFA) is a novel method addressing safety misalignment in Multimodal Large Language Models (MLLMs) caused by visual inputs. Unlike existing approaches that require explicit safety labels or contrastive data, VSFA fine-tunes Vision-Language Models (VLMs) using neutral Visual Question Answering (VQA) tasks built around threat-related images. This label-free method exposes models to visual content depicting potential dangers, such as images generated from AI safety abstracts using GPT-4o-mini and Doubao API. Through repeated exposure, models implicitly internalize vigilance and caution, shaping "safety-oriented personas." Experiments on Qwen2.5-VL-7B-Instruct, Qwen3-VL-8B-Instruct, LLaVA-1.5-7B, and LLaVA-v1.6-Mistral-7B across benchmarks like FigStep, MMSafetyBench, and SPA-VL demonstrate that VSFA significantly reduces attack success rates, improves response quality, and mitigates over-refusal while preserving general capabilities.

Key takeaway

For Research Scientists and Computer Vision Engineers developing MLLMs, VSFA offers a compelling label-free approach to enhance model safety. You should consider integrating visual self-fulfilling alignment techniques to foster implicit threat awareness, thereby reducing attack success rates and over-refusal without compromising response quality or general capabilities. This method avoids the need for costly, explicitly labeled safety datasets, streamlining the alignment process.

Key insights

Implicit visual exposure to threat-related content can shape safety-oriented personas in MLLMs without explicit safety labels.

Principles

Method

VSFA constructs neutral VQA tasks from threat-related images generated via AI safety abstracts and text-to-image models, then fine-tunes VLMs on this data, freezing the visual encoder and updating only the language model component.

In practice

Topics

Best for: Computer Vision Engineer, Research Scientist, AI Scientist, Machine Learning Engineer, AI Security Engineer

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by cs.AI updates on arXiv.org.