高频反梦境ooth:稳健防御图像合成

Takuto Onikubo, Yusuke Matsui
{"title":"高频反梦境ooth:稳健防御图像合成","authors":"Takuto Onikubo, Yusuke Matsui","doi":"arxiv-2409.08167","DOIUrl":null,"url":null,"abstract":"Recently, text-to-image generative models have been misused to create\nunauthorized malicious images of individuals, posing a growing social problem.\nPrevious solutions, such as Anti-DreamBooth, add adversarial noise to images to\nprotect them from being used as training data for malicious generation.\nHowever, we found that the adversarial noise can be removed by adversarial\npurification methods such as DiffPure. Therefore, we propose a new adversarial\nattack method that adds strong perturbation on the high-frequency areas of\nimages to make it more robust to adversarial purification. Our experiment\nshowed that the adversarial images retained noise even after adversarial\npurification, hindering malicious image generation.","PeriodicalId":501130,"journal":{"name":"arXiv - CS - Computer Vision and Pattern Recognition","volume":"7 12 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"High-Frequency Anti-DreamBooth: Robust Defense Against Image Synthesis\",\"authors\":\"Takuto Onikubo, Yusuke Matsui\",\"doi\":\"arxiv-2409.08167\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, text-to-image generative models have been misused to create\\nunauthorized malicious images of individuals, posing a growing social problem.\\nPrevious solutions, such as Anti-DreamBooth, add adversarial noise to images to\\nprotect them from being used as training data for malicious generation.\\nHowever, we found that the adversarial noise can be removed by adversarial\\npurification methods such as DiffPure. Therefore, we propose a new adversarial\\nattack method that adds strong perturbation on the high-frequency areas of\\nimages to make it more robust to adversarial purification. Our experiment\\nshowed that the adversarial images retained noise even after adversarial\\npurification, hindering malicious image generation.\",\"PeriodicalId\":501130,\"journal\":{\"name\":\"arXiv - CS - Computer Vision and Pattern Recognition\",\"volume\":\"7 12 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-09-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Computer Vision and Pattern Recognition\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2409.08167\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Computer Vision and Pattern Recognition","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.08167","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

最近,文本到图像生成模型被滥用于创建未经授权的个人恶意图像,造成了日益严重的社会问题。以前的解决方案,如反梦境ooth,会在图像中添加对抗噪声,以保护图像不被用作恶意生成的训练数据。因此,我们提出了一种新的对抗攻击方法,在图像的高频区域添加强扰动,使其对对抗净化更具鲁棒性。我们的实验表明,即使经过对抗净化,对抗图像仍会保留噪声,从而阻碍恶意图像的生成。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
High-Frequency Anti-DreamBooth: Robust Defense Against Image Synthesis
Recently, text-to-image generative models have been misused to create unauthorized malicious images of individuals, posing a growing social problem. Previous solutions, such as Anti-DreamBooth, add adversarial noise to images to protect them from being used as training data for malicious generation. However, we found that the adversarial noise can be removed by adversarial purification methods such as DiffPure. Therefore, we propose a new adversarial attack method that adds strong perturbation on the high-frequency areas of images to make it more robust to adversarial purification. Our experiment showed that the adversarial images retained noise even after adversarial purification, hindering malicious image generation.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Massively Multi-Person 3D Human Motion Forecasting with Scene Context Qwen2-VL: Enhancing Vision-Language Model's Perception of the World at Any Resolution Precise Forecasting of Sky Images Using Spatial Warping JEAN: Joint Expression and Audio-guided NeRF-based Talking Face Generation Applications of Knowledge Distillation in Remote Sensing: A Survey
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1