Explainable Multimodal LLM for Proactive Detection of Image-Borne Threats

Traditional defenses, often reliant on known signatures or unimodal analysis, frequently fail against these advanced attacks, posing a significant risk to Sweden’s digital infrastructure. This research posits that a fundamental leap is required, moving beyond mere detection to proactive and predictive identification of such embedded threats. We propose a groundbreaking Multimodal Large Language Model (MLLM) framework.

This MLLM is designed not only to detect malicious code embedded in images with high fidelity but also to: a) Infer the potential intent and target of these embedded malicious payloads. b) Identify novel, zero-day image-borne threats including sophisticated zero-click attack vectors through advanced unsupervised anomaly detection across diverse data modalities. c) Provide causally-informed, actionable explanations for its findings. This approach aims to provide support for Swedish entities that depend on image retrieval and matching, so that they can defend against these pervasive and damaging image-based attacks, particularly those that execute without user interaction.