Go to ICLR 2026 Conference homepageResource Consumption Red-Teaming for Large Vision-Language Models
Keywords: LVLMs, Resource consumption, red team
TL;DR: RECITE exploits visual inputs to trigger Resource Consumption Attacks (RCAs) on LVLMs, exposing critical security vulnerabilities.
Abstract: Resource Consumption Attacks (RCAs) have emerged as a significant threat to the deployment of Large Language Models (LLMs).
With the integration of vision modalities, additional attack vectors exacerbate the risk of RCAs in large vision-language models (LVLMs).
However, existing red-teaming studies have mainly overlooked visual inputs as a potential attack surface, resulting in insufficient mitigation strategies against RCAs in LVLMs.
To address this gap, we propose RECITE (Resource Consumption Red-Teaming for LVLMs), the first approach for exploiting visual modalities to trigger unbounded RCAs red-teaming.
First, we present Vision Guided Optimization, a fine-grained pixel-level optimization to obtain Output Recall Objective adversarial perturbations, which can induce repeating output.
Then, we inject the perturbations into visual inputs, triggering unbounded generations to achieve the goal of RCAs.
Empirical results demonstrate that RECITE increases service response latency by over 26×$\uparrow$, resulting in an additional 20\% increase in GPU utilization and memory consumption.
Our study reveals security vulnerabilities in LVLMs and establishes a red-teaming framework that can facilitate the development of future defenses against RCAs.
Supplementary Material: zip
Primary Area: foundation or frontier models, including LLMs
Submission Number: 5971
Loading