Anti-Reference: Universal  and Immediate Defense Against Reference-Based Generation

Yiren Song; Shengtao Lou; Xiaokang Liu; Hai Ci; Pei Yang; Jiaming Liu; Mike Zheng Shou

Anti-Reference: Universal and Immediate Defense Against Reference-Based Generation

Yiren Song, Shengtao Lou, Xiaokang Liu, Hai Ci, Pei Yang, Jiaming Liu, Mike Zheng Shou

24 Sept 2024 (modified: 15 Nov 2024)ICLR 2025 Conference Withdrawn SubmissionEveryoneRevisionsBibTeXCC BY 4.0

Keywords: Diffusion model, Customized generation, Adversarial Attack, Image generation

Abstract: Diffusion models have completely transformed the field of generative models, demonstrating unparalleled capabilities in generating high-fidelity images. However, when misused, such a powerful and convenient tool could create fake news or disturbing content targeted at individual victims, causing severe negative social impacts. In this paper, we introduce Anti-Reference, a novel method that protects images from the threats posed by reference-based generation techniques by adding imperceptible adversarial noise to the images. We propose a unified loss function that enables joint attacks on fine-tuning-based customization methods, non-fine-tuning customization methods, and human-centric driving methods. Based on this loss, we train a Noise Encoder with a DiT architecture to predict the noise or directly optimize the noise using the PGD (Projected Gradient Descent) method. Our method demonstrates strong black-box transferability, being equally effective against black-box models and some commercial APIs such as Animate Anyone, and EMO. Extensive experiments validate the performance of Anti-Reference, establishing a new benchmark in image security.

Primary Area: alignment, fairness, safety, privacy, and societal considerations

Code Of Ethics: I acknowledge that I and all co-authors of this work have read and commit to adhering to the ICLR Code of Ethics.

Submission Guidelines: I certify that this submission complies with the submission instructions as described on https://iclr.cc/Conferences/2025/AuthorGuide.

Reciprocal Reviewing: I understand the reciprocal reviewing requirement as described on https://iclr.cc/Conferences/2025/CallForPapers. If none of the authors are registered as a reviewer, it may result in a desk rejection at the discretion of the program chairs. To request an exception, please complete this form at https://forms.gle/Huojr6VjkFxiQsUp6.

Anonymous Url: I certify that there is no URL (e.g., github page) that could be used to find authors’ identity.

No Acknowledgement Section: I certify that there is no acknowledgement section in this submission for double blind review.

Submission Number: 3580

Loading