Abstract
The deployment of multimodal large language models (MLLMs) has demonstratedremarkable success in engaging in conversations involving visual inputs, thanksto the superior power of large language models (LLMs). Those MLLMs aretypically built based on the LLMs, with an image encoder to process images intothe token embedding space of the LLMs. However, the integration of visualmodality has introduced a unique vulnerability: the MLLM becomes susceptible tomalicious visual inputs and prone to generating sensitive or harmful responses,even though the LLM has been trained on textual dataset to align with humanvalue. In this paper, we first raise the question: ``Do the MLLMs possesssafety-awareness against malicious image inputs?". We find that after adding aprinciple that specifies the safety requirement into the input of the MLLM, themodel's safety awareness becomes boosted. This phenomenon verifies theexistence of MLLM's safety-awareness against image inputs, it is only weakenedby the modality gap. We then introduce a simple yet effective technique termedCoCA, which amplifies the safety-awareness of the MLLM by calibrating itsoutput distribution. Our proposed strategy helps the model reclaim its originalsafety awareness without losing its original capabilities. We verify theeffectiveness of our approach on both multimodal safety and understandingbenchmarks.