Attacking the Trusted Imagination: Oracle-Level Integrity Attacks on Imagine-then-Act World Models
The paper presents a study on integrity attacks targeting the "imagine-then-act" design of vision-language-action (VLA) policies, specifically focusing on the vulnerabilities of world-action models (WAMs). It identifies the latent trajectory z~ as the attack surface and demonstrates that corrupting this imagination is significantly easier than controlling it precisely, with empirical evaluations showing that untargeted corruption is approximately 60 times more effective than random perturbations. This research highlights the risks associated with reliance on WAMs in downstream systems, suggesting that while reactive policies may remain robust, imagination-driven model-predictive control (MPC) can suffer from adversarial failures, emphasizing the need for enhanced security measures in AI systems.