In recent years, the security vulnerabilities of Multi-modal Large Language Models (MLLMs) have become a serious concern in the Generative Artificial Intelligence (GenAI) research. These highly intelligent models, capable of performing multi-modal tasks with high accuracy, are also severely susceptible to carefully launched security attacks, such as jailbreaking attacks, which can manipulate model behavior and bypass safety constraints. This paper introduces MJAD-MLLMs, a holistic framework that systematically analyzes the proposed Multi-turn Jailbreaking Attacks and multi-LLM-based defense techniques for MLLMs. In this paper, we make three original contributions. First, we introduce a novel multi-turn jailbreaking attack to exploit the vulnerabilities of the MLLMs under multi-turn prompting. Second, we propose a novel fragment-optimized and multi-LLM defense mechanism, called FragGuard, to effectively mitigate jailbreaking attacks in the MLLMs. Third, we evaluate the efficacy of the proposed attacks and defenses through extensive experiments on several state-of-the-art (SOTA) open-source and closed-source MLLMs and benchmark datasets, and compare their performance with the existing techniques.

翻译：近年来，多模态大语言模型（MLLMs）的安全漏洞已成为生成式人工智能（GenAI）研究中的一个严重关切。这些能够以高精度执行多模态任务的高度智能模型，也极易受到精心发起的越狱攻击等安全攻击，这些攻击可以操纵模型行为并绕过安全约束。本文提出了MJAD-MLLMs，一个系统性分析所提出的多轮越狱攻击以及基于多LLM的MLLM防御技术的整体框架。本文做出了三项原创性贡献。首先，我们引入了一种新颖的多轮越狱攻击，以利用MLLMs在多轮提示下的漏洞。其次，我们提出了一种新颖的片段优化多LLM防御机制，称为FragGuard，以有效缓解MLLMs中的越狱攻击。第三，我们在多个最先进的（SOTA）开源和闭源MLLMs以及基准数据集上通过大量实验评估了所提出攻击和防御的有效性，并将其性能与现有技术进行了比较。