Controllable Black-Box Attacks on VLM-Powered Web Agents

Download PDF

Chat with PDF

Download Chat

The paper "AD VWEB" investigates security vulnerabilities in Vision-Language Models (VLMs) used for web automation tasks. The research introduces a novel black-box attack framework that can manipulate VLM-powered web agents without accessing their internal architecture. The authors demonstrate how adversarial perturbations to web page elements can deceive these agents into performing unintended actions while maintaining visual consistency for human users. The study explores various attack scenarios across e-commerce, content management, and form-filling tasks, showing how subtle modifications to HTML elements and visual layouts can significantly impact agent behavior. The research reveals critical security implications for automated web systems, particularly in sensitive applications like online banking and healthcare portals. The paper also proposes potential defensive strategies and highlights the importance of robust testing and validation for VLM-based web automation systems. This work contributes valuable insights to the ongoing discussion of AI safety and security in web automation.

The paper "**AD VWEB**" investigates security vulnerabilities in Vision-Language Models (VLMs) used for web automation tasks. The research introduces a novel *black-box attack framework* that can manipulate VLM-powered web agents without accessing their internal architecture. The authors demonstrate how **adversarial perturbations** to web page elements can deceive these agents into performing unintended actions while maintaining visual consistency for human users. The study explores various attack scenarios across *e-commerce*, *content management*, and *form-filling tasks*, showing how subtle modifications to HTML elements and visual layouts can significantly impact agent behavior. The research reveals critical **security implications** for automated web systems, particularly in sensitive applications like online banking and healthcare portals. The paper also proposes potential defensive strategies and highlights the importance of *robust testing* and *validation* for VLM-based web automation systems. This work contributes valuable insights to the ongoing discussion of AI safety and security in web automation.

Controllable Black-Box Attacks on VLM-Powered Web Agents

Chat with PDF

Chat with more PDFs

Summarization of Opinionated Political Documents with Varied Perspectives

One Arrow, Many Targets: Probing LLMs for Multi-Attribute Controllable Text Summarization

Retrieval Augmented Retrieval with In Context Examples

Understanding the Effects of Human-written Paraphrases in LLM-generated Text Detection

Visual Caption Restoration

Aligning Large Language Models on Information Extraction

Mitigating Hallucinations of Large Language Models in Medical Information Extraction via Contrastive Decoding

Rethinking Document Information Extraction Datasets for LLMs

Automatic Generation of Benchmarks and Reliable LLM Judgment for Code Tasks

Training-free Compensation for Compressed LLM with Eigenspace Low-Rank Approximation

Detecting Pretraining Data in Large Language Models

Privacy-Preserving In-Context Learning for Large Language Models

AgentBench: Evaluating LLMs as Agents

BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding

Attention is all you need

Send in a query

Talk to an AI expert

DATA CAPTURE

WORKFLOWS

solutions BY FUNCTION

solutions BY INDUSTRY

solutions BY USE CASE

resources

coMPARE

company

get in touch