Saved in:
Bibliographic Details
Main Authors: Zhang, Bingxue, Gao, Yang, Zhu, Feida, Shen, Yanyan, Shi, Yang
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2603.14860
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866917345565343744
author Zhang, Bingxue
Gao, Yang
Zhu, Feida
Shen, Yanyan
Shi, Yang
author_facet Zhang, Bingxue
Gao, Yang
Zhu, Feida
Shen, Yanyan
Shi, Yang
contents Generative AI deployment poses unprecedented challenges to content safety and privacy. However, existing defense mechanisms are often tailored to specific architectures (e.g., Diffusion Models or GANs), creating fragile "defense silos" that fail against heterogeneous generative threats. This paper identifies a fundamental optimization barrier in naive pixel-space ensemble strategies: due to divergent objective functions, pixel-level gradients from heterogeneous generators become statistically orthogonal, causing destructive interference. To overcome this, we observe that despite disparate low-level mechanisms, high-level feature representations of generated content exhibit alignment across architectures. Based on this, we propose the Architecture-Agnostic Targeted Feature Synergy (ATFS) framework. By introducing a target guidance image, ATFS reformulates multi-model defense as a unified feature space alignment task, enabling intrinsic gradient alignment without complex rectification. Extensive experiments show ATFS achieves SOTA protection in heterogeneous scenarios (e.g., Diffusion+GAN). It converges rapidly, reaching over 90% performance within 40 iterations, and maintains strong attack potency even under tight perturbation budgets. The framework seamlessly extends to unseen architectures (e.g., VQ-VAE) by switching the feature extractor, and demonstrates robust resistance to JPEG compression and scaling. Being computationally efficient and lightweight, ATFS offers a viable pathway to dismantle defense silos and enable universal generative security. Code and models are open-sourced for reproducibility.
format Preprint
id arxiv_https___arxiv_org_abs_2603_14860
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Architecture-Agnostic Feature Synergy for Universal Defense Against Heterogeneous Generative Threats
Zhang, Bingxue
Gao, Yang
Zhu, Feida
Shen, Yanyan
Shi, Yang
Cryptography and Security
Artificial Intelligence
I.2.10; K.6.5
Generative AI deployment poses unprecedented challenges to content safety and privacy. However, existing defense mechanisms are often tailored to specific architectures (e.g., Diffusion Models or GANs), creating fragile "defense silos" that fail against heterogeneous generative threats. This paper identifies a fundamental optimization barrier in naive pixel-space ensemble strategies: due to divergent objective functions, pixel-level gradients from heterogeneous generators become statistically orthogonal, causing destructive interference. To overcome this, we observe that despite disparate low-level mechanisms, high-level feature representations of generated content exhibit alignment across architectures. Based on this, we propose the Architecture-Agnostic Targeted Feature Synergy (ATFS) framework. By introducing a target guidance image, ATFS reformulates multi-model defense as a unified feature space alignment task, enabling intrinsic gradient alignment without complex rectification. Extensive experiments show ATFS achieves SOTA protection in heterogeneous scenarios (e.g., Diffusion+GAN). It converges rapidly, reaching over 90% performance within 40 iterations, and maintains strong attack potency even under tight perturbation budgets. The framework seamlessly extends to unseen architectures (e.g., VQ-VAE) by switching the feature extractor, and demonstrates robust resistance to JPEG compression and scaling. Being computationally efficient and lightweight, ATFS offers a viable pathway to dismantle defense silos and enable universal generative security. Code and models are open-sourced for reproducibility.
title Architecture-Agnostic Feature Synergy for Universal Defense Against Heterogeneous Generative Threats
topic Cryptography and Security
Artificial Intelligence
I.2.10; K.6.5
url https://arxiv.org/abs/2603.14860