@inproceedings{bc8715572b5a42b4813f6e8bebb10214,
title = "Poster: Black-box Attacks on Multimodal Large Language Models through Adversarial ICC Profiles",
abstract = "Despite their remarkable performance on vision-language tasks, multimodal large language models (MLLMs) remain vulnerable to adversarial examples. However, most existing attacks rely on gradient-based pixel perturbations and require white-box access to model parameters. In this paper, we propose ICCAdv, a novel black-box attack that requires no access to model parameters or gradients. The core idea of ICCAdv is to exploit the discrepancy between human and model perception of images during input processing. This discrepancy arises from the color management process, as human observers perceive rendered images based on ICC profile transformations, whereas most MLLMs circumvent this process and operate directly on raw RGB values. By embedding adversarial ICC profiles into image files, ICCAdv manipulates the perceived color semantics of MLLMs while preserving the natural visual appearance for human observers. Preliminary experiments indicate that ICCAdv can effectively attack state-of-the-art MLLMs while maintaining a natural visual appearance to human observers.",
keywords = "Black-box Attack, ICC Profile, Multimodal LLMs",
author = "Chengbin Sun and Hailong Sun and Guancheng Li and Jiashuo Liang",
note = "Publisher Copyright: {\textcopyright} 2025 Copyright held by the owner/author(s).; 32nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2025 ; Conference date: 13-10-2025 Through 17-10-2025",
year = "2025",
month = nov,
day = "22",
doi = "10.1145/3719027.3760712",
language = "英语",
series = "CCS 2025 - Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery, Inc",
pages = "4746--4748",
booktitle = "CCS 2025 - Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security",
}