Redirecting to original paper in 30 seconds...

Click below to go immediately or wait for automatic redirect

arxiv_cv 95% Match Research Paper AI Safety Researchers,LLM Developers,ML Engineers,Cybersecurity Professionals 3 days ago

Risk-adaptive Activation Steering for Safe Multimodal Large Language Models

ai-safety › alignment
📄 Abstract

Abstract: One of the key challenges of modern AI models is ensuring that they provide helpful responses to benign queries while refusing malicious ones. But often, the models are vulnerable to multimodal queries with harmful intent embedded in images. One approach for safety alignment is training with extensive safety datasets at the significant costs in both dataset curation and training. Inference-time alignment mitigates these costs, but introduces two drawbacks: excessive refusals from misclassified benign queries and slower inference speed due to iterative output adjustments. To overcome these limitations, we propose to reformulate queries to strengthen cross-modal attention to safety-critical image regions, enabling accurate risk assessment at the query level. Using the assessed risk, it adaptively steers activations to generate responses that are safe and helpful without overhead from iterative output adjustments. We call this Risk-adaptive Activation Steering (RAS). Extensive experiments across multiple benchmarks on multimodal safety and utility demonstrate that the RAS significantly reduces attack success rates, preserves general task performance, and improves inference speed over prior inference-time defenses.
Authors (3)
Jonghyun Park
Minhyuk Seo
Jonghyun Choi
Submitted
October 15, 2025
arXiv Category
cs.CV
arXiv PDF

Key Contributions

This paper proposes Risk-adaptive Activation Steering (RAS) to improve safety alignment in multimodal LLMs. RAS reformulates queries to strengthen cross-modal attention to safety-critical image regions, enabling accurate risk assessment at the query level and adaptively steering activations for safe and helpful responses without iterative output adjustments, thus overcoming limitations of existing inference-time alignment methods.

Business Value

Enhances the safety and reliability of AI systems, particularly those interacting with users through both text and images. This can lead to more trustworthy AI assistants, content moderation tools, and secure information retrieval systems, reducing risks associated with harmful or malicious content.

Paper Metadata

Innovation Type

Algorithmic

Deployment Feasibility

High, as it focuses on inference-time alignment, which adds less overhead than retraining. The proposed method aims to avoid iterative output adjustments, suggesting efficiency.

Limitations Addressed

Vulnerability of LLMs to multimodal queries with harmful intent,High costs of training-time safety alignment,Excessive refusals from misclassified benign queries in inference-time alignment,Slower inference speed due to iterative output adjustments in inference-time alignment

Technical Tags

multimodal LLMssafety alignmentrisk assessmentactivation steeringcross-modal attentionimage understandingquery reformulationinference-time alignmentharmful intent detectionresponse generation

Research Topics

AI SafetyMultimodal AILarge Language ModelsRobustnessEthical AI

Methods & Architectures

Risk-adaptive Activation Steering (RAS)Cross-modal attentionQuery reformulationActivation steering Multimodal Large Language Models

Applications & Tasks

AI Safety Content Moderation Information Security Ensuring helpfulness for benign queriesRefusing malicious queriesVulnerability to multimodal queries with harmful intentMitigating inference-time alignment drawbacks (excessive refusals, slow inference) Safe response generationMalicious query detectionRisk assessment

Related Fields

Natural Language ProcessingComputer VisionMachine LearningCybersecurity

Keywords

multimodal LLMAI safetyalignmentrisk assessmentactivation steeringcross-modal attentionimage analysisharmful contentinference optimizationresponse generationethical AIrobustness

Academic Context

#AI Safety#Multimodal AI#Large Language Models#Robustness#Ethical AI

Commercial Potential

Potential Products
Safer AI assistantsAdvanced content moderation systemsSecure multimodal search engines
Target Industries
TechnologySocial MediaInformation SecurityCustomer Service
Use Case Examples
Preventing an LLM from generating harmful content based on an image inputEnsuring an AI assistant refuses to process malicious image-based requestsImproving the safety of AI systems used in sensitive applications
Competitive Edge
Offers an inference-time solution that is more efficient and less prone to over-refusal than existing methods, by directly steering model activations based on assessed risk.

Resource Requirements

Compute Needs
Likely moderate to high, typical for training and inference of large multimodal models.
Data Requirements
Requires datasets with multimodal inputs (images and text) and safety labels or annotations for training and evaluation.
Deployment Constraints
Integration into existing LLM inference pipelines. Potential for latency increase if activation steering is computationally intensive, though the paper aims to mitigate this.
Scalability
Scalability depends on the underlying multimodal LLM architecture. The RAS method itself is designed to be efficient at inference time.
View Full Paper Back to Papers