Enregistré dans:
Détails bibliographiques
Auteurs principaux: Cretu, Ana-Maria, Kireev, Klim, Abdalla, Amro, Obinna, Wisdom, Meier, Raphael, Bargal, Sarah Adel, Redmiles, Elissa M., Troncoso, Carmela
Format: Preprint
Publié: 2025
Sujets:
Accès en ligne:https://arxiv.org/abs/2512.05707
Tags: Ajouter un tag
Pas de tags, Soyez le premier à ajouter un tag!
_version_ 1866918464726237184
author Cretu, Ana-Maria
Kireev, Klim
Abdalla, Amro
Obinna, Wisdom
Meier, Raphael
Bargal, Sarah Adel
Redmiles, Elissa M.
Troncoso, Carmela
author_facet Cretu, Ana-Maria
Kireev, Klim
Abdalla, Amro
Obinna, Wisdom
Meier, Raphael
Bargal, Sarah Adel
Redmiles, Elissa M.
Troncoso, Carmela
contents We evaluate the effectiveness of filtering child images from training datasets of text-to-image models to prevent model misuse to create child sexual abuse material (CSAM). First, we capture the complexity of preventing CSAM generation using a game-based security definition. Second, we show that current detection methods cannot remove all children from a dataset. Third, using an ethical proxy for CSAM (a child wearing glasses), we show that even when only a small percentage of child images are left in the training dataset after filtering, there exist prompting strategies that generate a child wearing glasses using only a few more queries than when the model is trained on the unfiltered data. Fine-tuning the filtered model on child images further reduces the additional query overhead. We also show that re-introducing a concept is possible via fine-tuning even if filtering is perfect. Our results show that current child filtering methods offer limited protection to closed-weight models and no protection to open-weight models, while reducing the generality of the model by hindering the generation of child-related concepts or changing their representation. We conclude by outlining challenges in conducting evaluations that establish robust evidence on the impact of concept filtering defenses for CSAM.
format Preprint
id arxiv_https___arxiv_org_abs_2512_05707
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Evaluating Concept Filtering Defenses against Child Sexual Abuse Material Generation by Text-to-Image Models
Cretu, Ana-Maria
Kireev, Klim
Abdalla, Amro
Obinna, Wisdom
Meier, Raphael
Bargal, Sarah Adel
Redmiles, Elissa M.
Troncoso, Carmela
Cryptography and Security
We evaluate the effectiveness of filtering child images from training datasets of text-to-image models to prevent model misuse to create child sexual abuse material (CSAM). First, we capture the complexity of preventing CSAM generation using a game-based security definition. Second, we show that current detection methods cannot remove all children from a dataset. Third, using an ethical proxy for CSAM (a child wearing glasses), we show that even when only a small percentage of child images are left in the training dataset after filtering, there exist prompting strategies that generate a child wearing glasses using only a few more queries than when the model is trained on the unfiltered data. Fine-tuning the filtered model on child images further reduces the additional query overhead. We also show that re-introducing a concept is possible via fine-tuning even if filtering is perfect. Our results show that current child filtering methods offer limited protection to closed-weight models and no protection to open-weight models, while reducing the generality of the model by hindering the generation of child-related concepts or changing their representation. We conclude by outlining challenges in conducting evaluations that establish robust evidence on the impact of concept filtering defenses for CSAM.
title Evaluating Concept Filtering Defenses against Child Sexual Abuse Material Generation by Text-to-Image Models
topic Cryptography and Security
url https://arxiv.org/abs/2512.05707