惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

N
Netflix TechBlog - Medium
V
Vulnerabilities – Threatpost
Google Online Security Blog
Google Online Security Blog
Hugging Face - Blog
Hugging Face - Blog
L
LINUX DO - 热门话题
云风的 BLOG
云风的 BLOG
P
Proofpoint News Feed
D
Docker
C
Cyber Attacks, Cyber Crime and Cyber Security
MyScale Blog
MyScale Blog
P
Palo Alto Networks Blog
T
Tenable Blog
P
Privacy International News Feed
Google DeepMind News
Google DeepMind News
小众软件
小众软件
Cisco Talos Blog
Cisco Talos Blog
aimingoo的专栏
aimingoo的专栏
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
A
Arctic Wolf
C
Cybersecurity and Infrastructure Security Agency CISA
C
Cisco Blogs
T
Threat Research - Cisco Blogs
NISL@THU
NISL@THU
The Hacker News
The Hacker News
Project Zero
Project Zero
AWS News Blog
AWS News Blog
Simon Willison's Weblog
Simon Willison's Weblog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
T
Threatpost
V
Visual Studio Blog
The GitHub Blog
The GitHub Blog
The Cloudflare Blog
Last Week in AI
Last Week in AI
Jina AI
Jina AI
Cyberwarzone
Cyberwarzone
The Register - Security
The Register - Security
C
CXSECURITY Database RSS Feed - CXSecurity.com
Vercel News
Vercel News
D
Darknet – Hacking Tools, Hacker News & Cyber Security
MongoDB | Blog
MongoDB | Blog
U
Unit 42
Scott Helme
Scott Helme
A
About on SuperTechFans
WordPress大学
WordPress大学
F
Fortinet All Blogs
大猫的无限游戏
大猫的无限游戏
G
GRAHAM CLULEY
Latest news
Latest news
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
S
Schneier on Security

University of Cambridge - Cybersecurity

Price of a bot army revealed across hundreds of online platforms Whistleblowing tech based on Cambridge research launched by the Guardian Researchers demonstrate the UK’s first long-distance ultra-secure communication over a quantum network Building business partnerships Architecting the future Honour among thieves: the study of a cybercrime marketplace in action Lockdown 'helps fuel rise in cybercrime' Prevention better than cure at keeping young users from getting involved in cybercrime Most laptops vulnerable to attack via peripheral devices, say researchers
AI art protection tools still leave creators at risk, researchers say
Anonymous · 2025-06-24 · via University of Cambridge - Cybersecurity

Artists urgently need stronger defences to protect their work from being used to train AI models without their consent.  

So say a team of researchers who have uncovered significant weaknesses in two of the art protection tools most used by artists to safeguard their work.

According to their creators, Glaze and NightShade were both developed to protect human creatives against the invasive uses of generative artificial intelligence.

The tools are popular with digital artists who want to stop artificial intelligence models (like the AI art generator Stable Diffusion) from copying their unique styles without consent. Together, Glaze and NightShade have been downloaded almost nine million times.

But according to an international group of researchers, these tools have critical weaknesses that mean they cannot reliably stop AI models from training on artists’ work.

The tools add subtle, invisible distortions (known as poisoning perturbations) to digital images. These ‘poisons’ are designed to confuse AI models during training. Glaze takes a passive approach, hindering the AI model’s ability to extract key stylistic features. NightShade goes further, actively corrupting the learning process by causing the AI model to associate an artist’s style with unrelated concepts.

But the researchers have created a method – called LightShed – that can bypass these protections. LightShed can detect, reverse-engineer and remove these distortions, effectively stripping away the poisons and rendering the images usable again for Generative AI model training.

It was developed by researchers at the University of Cambridge along with colleagues at the Technical University Darmstadt and the University of Texas at San Antonio. The researchers hope that by publicising their work – which will be presented at the USENIX Security Symposium, a major security conference, in August – they can let creatives know that there are major issues with art protection tools.

LightShed works through a three-step process. It first identifies whether an image has been altered with known poisoning techniques.

In a second, reverse engineering step, it learns the characteristics of the perturbations using publicly available poisoned examples. Finally, it eliminates the poison to restore the image to its original, unprotected form.

In experimental evaluations, LightShed detected NightShade-protected images with 99.98% accuracy and effectively removed the embedded protections from those images.

“This shows that even when using tools like NightShade, artists are still at risk of their work being used for training AI models without their consent,” said first author Hanna Foerster from Cambridge’s Department of Computer Science and Technology, who conducted the work during an internship at TU Darmstadt.

Although LightShed reveals serious vulnerabilities in art protection tools, the researchers stress that it was developed not as an attack on them – but rather an urgent call to action to produce better, more adaptive ones.

“We see this as a chance to co-evolve defenses,” said co-author Professor Ahmad-Reza Sadeghi from the Technical University of Darmstadt. “Our goal is to collaborate with other scientists in this field and support the artistic community in developing tools that can withstand advanced adversaries.”

The landscape of AI and digital creativity is rapidly evolving. In March this year, OpenAI rolled out a ChatGPT image model that could instantly produce artwork in the style of Studio Ghibli, the Japanese animation studio.

This sparked a wide range of viral memes – and equally wide discussions about image copyright, in which legal analysts noted that Studio Ghibli would be limited in how it could respond to this since copyright law protects specific expression, not a specific artistic ‘style’.  

Following these discussions, OpenAI announced prompt safeguards to block some user requests to generate images in the styles of living artists.  

But issues over generative AI and copyright are ongoing, as highlighted by the copyright and trademark infringement case currently being heard in London’s high court.

Global photography agency Getty Images is alleging that London-based AI company Stability AI trained its image generation model on the agency’s huge archive of copyrighted pictures. Stability AI is fighting Getty’s claim and arguing that the case represents an “overt threat” to the generative AI industry.

And earlier this month, Disney and Universal announced they are suing AI firm Midjourney over its image generator, which the two companies said is a “bottomless pit of plagiarism.”

“What we hope to do with our work is to highlight the urgent need for a roadmap towards more resilient, artist-centred protection strategies,” said Foerster. “We must let creatives know that they are still at risk and collaborate with others to develop better art protection tools in future.”

Hanna Foerster is a member of Downing College, Cambridge. 

Reference:
Hanna Foerster et al. ‘LightShed: Defeating Perturbation-based Image Copyright Protections.’ Paper presented at the 34th USENIX Security Symposium. https://www.usenix.org/conference/usenixsecurity25/presentation/foerster