Steal the Patch Size: Adversarially Manipulate Vision-Language Models
arXiv:2607.00174v1 Announce Type: new Abstract: We present a black-box model-stealing attack that recovers private vision-tokenizer configurations of deployed vision-language models (VLMs), including the visual patch size and input preprocessing pipeline. The key idea is a task-level side channel induced by ViT-style patchification: when a synthetic grid image is aligned with the hidden patch grid, boundary cues are erased at tokenization, causing periodic accuracy drop. By sweeping the grid cel...
arXiv cs.CV
·Kai Hu, Akash Bharadwaj, Weichen Yu, Matt Fredrikson
·
// relacionados
Leia também
Editorial
Claude Sonnet 5: a Anthropic aposta que o modelo do meio faz o trabalho do topo
Blog
Google’s AI buildout drove 37% increase in electricity use in 2025
Blog
OpenAI reportedly offers the Trump administration a five percent stake in the company
Blog