Fooling the Watchers: Breaking AIGC Detectors via Semantic Prompt Attacks

TL;DR

This paper presents an automated framework for generating semantic prompts that can systematically evade AIGC detectors in text-to-image models, highlighting vulnerabilities and aiding in robustness evaluation.

Contribution

It introduces a novel semantic prompt generation method using grammar trees and Monte Carlo search to systematically attack AIGC detectors.

Findings

Successfully evades multiple AIGC detectors

Ranks first in a real-world adversarial detection competition

Creates high-quality adversarial datasets for robustness testing

Abstract

The rise of text-to-image (T2I) models has enabled the synthesis of photorealistic human portraits, raising serious concerns about identity misuse and the robustness of AIGC detectors. In this work, we propose an automated adversarial prompt generation framework that leverages a grammar tree structure and a variant of the Monte Carlo tree search algorithm to systematically explore the semantic prompt space. Our method generates diverse, controllable prompts that consistently evade both open-source and commercial AIGC detectors. Extensive experiments across multiple T2I models validate its effectiveness, and the approach ranked first in a real-world adversarial AIGC detection competition. Beyond attack scenarios, our method can also be used to construct high-quality adversarial datasets, providing valuable resources for training and evaluating more robust AIGC detection and defense systems.