Adversarial Perturbations Cannot Reliably Protect Artists From Generative AI

TL;DR

This paper critically evaluates popular adversarial protection tools for artists against AI-generated style mimicry, revealing their ineffectiveness and the ease of bypassing them with simple techniques, thus urging for alternative solutions.

Contribution

The study demonstrates that existing adversarial protection methods are ineffective and easily bypassed, highlighting the need for non-technological solutions to protect artists' styles.

Findings

Existing protections can be easily bypassed with simple techniques.

Low-effort methods like image upscaling undermine protection effectiveness.

All tested protections fail to reliably prevent style mimicry.

Abstract

Artists are increasingly concerned about advancements in image generation models that can closely replicate their unique artistic styles. In response, several protection tools against style mimicry have been developed that incorporate small adversarial perturbations into artworks published online. In this work, we evaluate the effectiveness of popular protections -- with millions of downloads -- and show they only provide a false sense of security. We find that low-effort and "off-the-shelf" techniques, such as image upscaling, are sufficient to create robust mimicry methods that significantly degrade existing protections. Through a user study, we demonstrate that all existing protections can be easily bypassed, leaving artists vulnerable to style mimicry. We caution that tools based on adversarial perturbations cannot reliably protect artists from the misuse of generative AI, and urge the development of alternative non-technological solutions.