惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
V2EX
W
WeLiveSecurity
IT之家
IT之家
A
About on SuperTechFans
B
Blog
L
LangChain Blog
H
Help Net Security
Engineering at Meta
Engineering at Meta
Recent Announcements
Recent Announcements
Google Online Security Blog
Google Online Security Blog
宝玉的分享
宝玉的分享
MyScale Blog
MyScale Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
N
News and Events Feed by Topic
Schneier on Security
Schneier on Security
GbyAI
GbyAI
博客园 - 叶小钗
人人都是产品经理
人人都是产品经理
S
SegmentFault 最新的问题
Cloudbric
Cloudbric
WordPress大学
WordPress大学
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Y
Y Combinator Blog
S
Security Affairs
The Last Watchdog
The Last Watchdog
H
Heimdal Security Blog
T
The Blog of Author Tim Ferriss
Last Week in AI
Last Week in AI
博客园 - 聂微东
H
Hackread – Cybersecurity News, Data Breaches, AI and More
P
Privacy & Cybersecurity Law Blog
V
Visual Studio Blog
H
Hacker News: Front Page
Recorded Future
Recorded Future
Cyberwarzone
Cyberwarzone
L
Lohrmann on Cybersecurity
Simon Willison's Weblog
Simon Willison's Weblog
P
Privacy International News Feed
博客园 - 三生石上(FineUI控件)
大猫的无限游戏
大猫的无限游戏
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Blog — PlanetScale
Blog — PlanetScale
G
Google Developers Blog
aimingoo的专栏
aimingoo的专栏
C
Cybersecurity and Infrastructure Security Agency CISA
AWS News Blog
AWS News Blog
Jina AI
Jina AI
N
News | PayPal Newsroom
S
Schneier on Security

University of Cambridge - Cybersecurity

Price of a bot army revealed across hundreds of online platforms Whistleblowing tech based on Cambridge research launched by the Guardian Researchers demonstrate the UK’s first long-distance ultra-secure communication over a quantum network Building business partnerships Architecting the future Honour among thieves: the study of a cybercrime marketplace in action Lockdown 'helps fuel rise in cybercrime' Prevention better than cure at keeping young users from getting involved in cybercrime Most laptops vulnerable to attack via peripheral devices, say researchers
AI art protection tools still leave creators at risk, researchers say
Anonymous · 2025-06-24 · via University of Cambridge - Cybersecurity

Artists urgently need stronger defences to protect their work from being used to train AI models without their consent.  

So say a team of researchers who have uncovered significant weaknesses in two of the art protection tools most used by artists to safeguard their work.

According to their creators, Glaze and NightShade were both developed to protect human creatives against the invasive uses of generative artificial intelligence.

The tools are popular with digital artists who want to stop artificial intelligence models (like the AI art generator Stable Diffusion) from copying their unique styles without consent. Together, Glaze and NightShade have been downloaded almost nine million times.

But according to an international group of researchers, these tools have critical weaknesses that mean they cannot reliably stop AI models from training on artists’ work.

The tools add subtle, invisible distortions (known as poisoning perturbations) to digital images. These ‘poisons’ are designed to confuse AI models during training. Glaze takes a passive approach, hindering the AI model’s ability to extract key stylistic features. NightShade goes further, actively corrupting the learning process by causing the AI model to associate an artist’s style with unrelated concepts.

But the researchers have created a method – called LightShed – that can bypass these protections. LightShed can detect, reverse-engineer and remove these distortions, effectively stripping away the poisons and rendering the images usable again for Generative AI model training.

It was developed by researchers at the University of Cambridge along with colleagues at the Technical University Darmstadt and the University of Texas at San Antonio. The researchers hope that by publicising their work – which will be presented at the USENIX Security Symposium, a major security conference, in August – they can let creatives know that there are major issues with art protection tools.

LightShed works through a three-step process. It first identifies whether an image has been altered with known poisoning techniques.

In a second, reverse engineering step, it learns the characteristics of the perturbations using publicly available poisoned examples. Finally, it eliminates the poison to restore the image to its original, unprotected form.

In experimental evaluations, LightShed detected NightShade-protected images with 99.98% accuracy and effectively removed the embedded protections from those images.

“This shows that even when using tools like NightShade, artists are still at risk of their work being used for training AI models without their consent,” said first author Hanna Foerster from Cambridge’s Department of Computer Science and Technology, who conducted the work during an internship at TU Darmstadt.

Although LightShed reveals serious vulnerabilities in art protection tools, the researchers stress that it was developed not as an attack on them – but rather an urgent call to action to produce better, more adaptive ones.

“We see this as a chance to co-evolve defenses,” said co-author Professor Ahmad-Reza Sadeghi from the Technical University of Darmstadt. “Our goal is to collaborate with other scientists in this field and support the artistic community in developing tools that can withstand advanced adversaries.”

The landscape of AI and digital creativity is rapidly evolving. In March this year, OpenAI rolled out a ChatGPT image model that could instantly produce artwork in the style of Studio Ghibli, the Japanese animation studio.

This sparked a wide range of viral memes – and equally wide discussions about image copyright, in which legal analysts noted that Studio Ghibli would be limited in how it could respond to this since copyright law protects specific expression, not a specific artistic ‘style’.  

Following these discussions, OpenAI announced prompt safeguards to block some user requests to generate images in the styles of living artists.  

But issues over generative AI and copyright are ongoing, as highlighted by the copyright and trademark infringement case currently being heard in London’s high court.

Global photography agency Getty Images is alleging that London-based AI company Stability AI trained its image generation model on the agency’s huge archive of copyrighted pictures. Stability AI is fighting Getty’s claim and arguing that the case represents an “overt threat” to the generative AI industry.

And earlier this month, Disney and Universal announced they are suing AI firm Midjourney over its image generator, which the two companies said is a “bottomless pit of plagiarism.”

“What we hope to do with our work is to highlight the urgent need for a roadmap towards more resilient, artist-centred protection strategies,” said Foerster. “We must let creatives know that they are still at risk and collaborate with others to develop better art protection tools in future.”

Hanna Foerster is a member of Downing College, Cambridge. 

Reference:
Hanna Foerster et al. ‘LightShed: Defeating Perturbation-based Image Copyright Protections.’ Paper presented at the 34th USENIX Security Symposium. https://www.usenix.org/conference/usenixsecurity25/presentation/foerster