Saved in:
Bibliographic Details
Main Authors: Hou, Guanyu, He, Jiaming, Zhou, Yinhang, Guo, Ji, Qiao, Yitong, Zhang, Rui, Jiang, Wenbo
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2505.19598
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866916836354818048
author Hou, Guanyu
He, Jiaming
Zhou, Yinhang
Guo, Ji
Qiao, Yitong
Zhang, Rui
Jiang, Wenbo
author_facet Hou, Guanyu
He, Jiaming
Zhou, Yinhang
Guo, Ji
Qiao, Yitong
Zhang, Rui
Jiang, Wenbo
contents Large Audio-Language Models (LALMs) are increasingly deployed in real-world applications, yet their robustness against malicious audio injection attacks remains underexplored. This study systematically evaluates five leading LALMs across four attack scenarios: Audio Interference Attack, Instruction Following Attack, Context Injection Attack, and Judgment Hijacking Attack. Using metrics like Defense Success Rate, Context Robustness Score, and Judgment Robustness Index, their vulnerabilities and resilience were quantitatively assessed. Experimental results reveal significant performance disparities among models; no single model consistently outperforms others across all attack types. The position of malicious content critically influences attack effectiveness, particularly when placed at the beginning of sequences. A negative correlation between instruction-following capability and robustness suggests models adhering strictly to instructions may be more susceptible, contrasting with greater resistance by safety-aligned models. Additionally, system prompts show mixed effectiveness, indicating the need for tailored strategies. This work introduces a benchmark framework and highlights the importance of integrating robustness into training pipelines. Findings emphasize developing multi-modal defenses and architectural designs that decouple capability from susceptibility for secure LALMs deployment.
format Preprint
id arxiv_https___arxiv_org_abs_2505_19598
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Evaluating Robustness of Large Audio Language Models to Audio Injection: An Empirical Study
Hou, Guanyu
He, Jiaming
Zhou, Yinhang
Guo, Ji
Qiao, Yitong
Zhang, Rui
Jiang, Wenbo
Computation and Language
Large Audio-Language Models (LALMs) are increasingly deployed in real-world applications, yet their robustness against malicious audio injection attacks remains underexplored. This study systematically evaluates five leading LALMs across four attack scenarios: Audio Interference Attack, Instruction Following Attack, Context Injection Attack, and Judgment Hijacking Attack. Using metrics like Defense Success Rate, Context Robustness Score, and Judgment Robustness Index, their vulnerabilities and resilience were quantitatively assessed. Experimental results reveal significant performance disparities among models; no single model consistently outperforms others across all attack types. The position of malicious content critically influences attack effectiveness, particularly when placed at the beginning of sequences. A negative correlation between instruction-following capability and robustness suggests models adhering strictly to instructions may be more susceptible, contrasting with greater resistance by safety-aligned models. Additionally, system prompts show mixed effectiveness, indicating the need for tailored strategies. This work introduces a benchmark framework and highlights the importance of integrating robustness into training pipelines. Findings emphasize developing multi-modal defenses and architectural designs that decouple capability from susceptibility for secure LALMs deployment.
title Evaluating Robustness of Large Audio Language Models to Audio Injection: An Empirical Study
topic Computation and Language
url https://arxiv.org/abs/2505.19598