Saved in:
Bibliographic Details
Main Authors: Jia, Jun, Miao, Hongyi, Zhou, Yingjie, Zhou, Wangqiu, Zhang, Jianbo, Cao, Linhan, Zhu, Dandan, Yang, Hua, Min, Xiongkuo, Sun, Wei, Zhai, Guangtao
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2512.00075
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908680827437056
author Jia, Jun
Miao, Hongyi
Zhou, Yingjie
Zhou, Wangqiu
Zhang, Jianbo
Cao, Linhan
Zhu, Dandan
Yang, Hua
Min, Xiongkuo
Sun, Wei
Zhai, Guangtao
author_facet Jia, Jun
Miao, Hongyi
Zhou, Yingjie
Zhou, Wangqiu
Zhang, Jianbo
Cao, Linhan
Zhu, Dandan
Yang, Hua
Min, Xiongkuo
Sun, Wei
Zhai, Guangtao
contents With the rapid progress in diffusion models, image synthesis has advanced to the stage of zero-shot image-to-image generation, where high-fidelity replication of facial identities or artistic styles can be achieved using just one portrait or artwork, without modifying any model weights. Although these techniques significantly enhance creative possibilities, they also pose substantial risks related to intellectual property violations, including unauthorized identity cloning and stylistic imitation. To counter such threats, this work presents Adapter Shield, the first universal and authentication-integrated solution aimed at defending personal images from misuse in zero-shot generation scenarios. We first investigate how current zero-shot methods employ image encoders to extract embeddings from input images, which are subsequently fed into the UNet of diffusion models through cross-attention layers. Inspired by this mechanism, we construct a reversible encryption system that maps original embeddings into distinct encrypted representations according to different secret keys. The authorized users can restore the authentic embeddings via a decryption module and the correct key, enabling normal usage for authorized generation tasks. For protection purposes, we design a multi-target adversarial perturbation method that actively shifts the original embeddings toward designated encrypted patterns. Consequently, protected images are embedded with a defensive layer that ensures unauthorized users can only produce distorted or encrypted outputs. Extensive evaluations demonstrate that our method surpasses existing state-of-the-art defenses in blocking unauthorized zero-shot image synthesis, while supporting flexible and secure access control for verified users.
format Preprint
id arxiv_https___arxiv_org_abs_2512_00075
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Adapter Shield: A Unified Framework with Built-in Authentication for Preventing Unauthorized Zero-Shot Image-to-Image Generation
Jia, Jun
Miao, Hongyi
Zhou, Yingjie
Zhou, Wangqiu
Zhang, Jianbo
Cao, Linhan
Zhu, Dandan
Yang, Hua
Min, Xiongkuo
Sun, Wei
Zhai, Guangtao
Computer Vision and Pattern Recognition
Image and Video Processing
With the rapid progress in diffusion models, image synthesis has advanced to the stage of zero-shot image-to-image generation, where high-fidelity replication of facial identities or artistic styles can be achieved using just one portrait or artwork, without modifying any model weights. Although these techniques significantly enhance creative possibilities, they also pose substantial risks related to intellectual property violations, including unauthorized identity cloning and stylistic imitation. To counter such threats, this work presents Adapter Shield, the first universal and authentication-integrated solution aimed at defending personal images from misuse in zero-shot generation scenarios. We first investigate how current zero-shot methods employ image encoders to extract embeddings from input images, which are subsequently fed into the UNet of diffusion models through cross-attention layers. Inspired by this mechanism, we construct a reversible encryption system that maps original embeddings into distinct encrypted representations according to different secret keys. The authorized users can restore the authentic embeddings via a decryption module and the correct key, enabling normal usage for authorized generation tasks. For protection purposes, we design a multi-target adversarial perturbation method that actively shifts the original embeddings toward designated encrypted patterns. Consequently, protected images are embedded with a defensive layer that ensures unauthorized users can only produce distorted or encrypted outputs. Extensive evaluations demonstrate that our method surpasses existing state-of-the-art defenses in blocking unauthorized zero-shot image synthesis, while supporting flexible and secure access control for verified users.
title Adapter Shield: A Unified Framework with Built-in Authentication for Preventing Unauthorized Zero-Shot Image-to-Image Generation
topic Computer Vision and Pattern Recognition
Image and Video Processing
url https://arxiv.org/abs/2512.00075