Enregistré dans:
| Auteurs principaux: | , , , , , , , |
|---|---|
| Format: | Preprint |
| Publié: |
2025
|
| Sujets: | |
| Accès en ligne: | https://arxiv.org/abs/2512.05707 |
| Tags: |
Ajouter un tag
Pas de tags, Soyez le premier à ajouter un tag!
|
| _version_ | 1866918464726237184 |
|---|---|
| author | Cretu, Ana-Maria Kireev, Klim Abdalla, Amro Obinna, Wisdom Meier, Raphael Bargal, Sarah Adel Redmiles, Elissa M. Troncoso, Carmela |
| author_facet | Cretu, Ana-Maria Kireev, Klim Abdalla, Amro Obinna, Wisdom Meier, Raphael Bargal, Sarah Adel Redmiles, Elissa M. Troncoso, Carmela |
| contents | We evaluate the effectiveness of filtering child images from training datasets of text-to-image models to prevent model misuse to create child sexual abuse material (CSAM). First, we capture the complexity of preventing CSAM generation using a game-based security definition. Second, we show that current detection methods cannot remove all children from a dataset. Third, using an ethical proxy for CSAM (a child wearing glasses), we show that even when only a small percentage of child images are left in the training dataset after filtering, there exist prompting strategies that generate a child wearing glasses using only a few more queries than when the model is trained on the unfiltered data. Fine-tuning the filtered model on child images further reduces the additional query overhead. We also show that re-introducing a concept is possible via fine-tuning even if filtering is perfect. Our results show that current child filtering methods offer limited protection to closed-weight models and no protection to open-weight models, while reducing the generality of the model by hindering the generation of child-related concepts or changing their representation. We conclude by outlining challenges in conducting evaluations that establish robust evidence on the impact of concept filtering defenses for CSAM. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2512_05707 |
| institution | arXiv |
| publishDate | 2025 |
| record_format | arxiv |
| spellingShingle | Evaluating Concept Filtering Defenses against Child Sexual Abuse Material Generation by Text-to-Image Models Cretu, Ana-Maria Kireev, Klim Abdalla, Amro Obinna, Wisdom Meier, Raphael Bargal, Sarah Adel Redmiles, Elissa M. Troncoso, Carmela Cryptography and Security We evaluate the effectiveness of filtering child images from training datasets of text-to-image models to prevent model misuse to create child sexual abuse material (CSAM). First, we capture the complexity of preventing CSAM generation using a game-based security definition. Second, we show that current detection methods cannot remove all children from a dataset. Third, using an ethical proxy for CSAM (a child wearing glasses), we show that even when only a small percentage of child images are left in the training dataset after filtering, there exist prompting strategies that generate a child wearing glasses using only a few more queries than when the model is trained on the unfiltered data. Fine-tuning the filtered model on child images further reduces the additional query overhead. We also show that re-introducing a concept is possible via fine-tuning even if filtering is perfect. Our results show that current child filtering methods offer limited protection to closed-weight models and no protection to open-weight models, while reducing the generality of the model by hindering the generation of child-related concepts or changing their representation. We conclude by outlining challenges in conducting evaluations that establish robust evidence on the impact of concept filtering defenses for CSAM. |
| title | Evaluating Concept Filtering Defenses against Child Sexual Abuse Material Generation by Text-to-Image Models |
| topic | Cryptography and Security |
| url | https://arxiv.org/abs/2512.05707 |