There is a growing interest in developing unlearnable examples (UEs) against visual privacy leaks on the Internet. UEs are training samples added with invisible but unlearnable noise, which have been found can prevent unauthorized training of machine learning models. UEs typically are generated via a bilevel optimization framework with a surrogate model to remove (minimize) errors from the original samples, and then applied to protect the data against unknown target models. However, existing UE generation methods all rely on an ideal assumption called label-consistency, where the hackers and protectors are assumed to hold the same label for a given sample. In this work, we propose and promote a more practical label-agnostic setting, where the hackers may exploit the protected data quite differently from the protectors. E.g., a m-class unlearnable dataset held by the protector may be exploited by the hacker as a n-class dataset. Existing UE generation methods are rendered ineffective in this challenging setting. To tackle this challenge, we present a novel technique called Unlearnable Clusters (UCs) to generate label-agnostic unlearnable examples with cluster-wise perturbations. Furthermore, we propose to leverage VisionandLanguage Pre-trained Models (VLPMs) like CLIP as the surrogate model to improve the transferability of the crafted UCs to diverse domains. We empirically verify the effectiveness of our proposed approach under a variety of settings with different datasets, target models, and even commercial platforms Microsoft Azure and Baidu PaddlePaddle. Code is available at \url{https://github.com/jiamingzhang94/Unlearnable-Clusters}.

翻译：随着互联网上视觉隐私泄露问题的日益突出，不可学习样本（UEs）的研究备受关注。UEs是添加了不可见但不可学习噪声的训练样本，已被证明能够阻止机器学习模型的未授权训练。通常，UEs通过一个包含代理模型的双层优化框架生成，用于移除（最小化）原始样本中的错误，进而保护数据免受未知目标模型的侵害。然而，现有UE生成方法均依赖一种称为"标签一致性"的理想假设，即假设攻击者和保护者对于给定样本持有相同标签。本文提出并推广了一种更实用的"标签无关"场景，其中攻击者可能以与保护者完全不同的方式利用受保护数据。例如，保护者持有的m类不可学习数据集，可能被攻击者当作n类数据集使用。在此挑战性场景下，现有UE生成方法失效。为解决该问题，我们提出一种名为"不可学习聚类"（UCs）的新技术，通过聚类级扰动生成标签无关的不可学习样本。此外，我们提出利用视觉语言预训练模型（如CLIP）作为代理模型，以提升所构建UCs在不同领域间的可迁移性。我们在多种设置下（包括不同数据集、目标模型，以及微软Azure和百度飞桨等商业平台）通过实验验证了所提方法的有效性。代码见：\url{https://github.com/jiamingzhang94/Unlearnable-Clusters}。