Diffusion Models (DMs) achieve state-of-the-art performance in generative tasks, boosting a wave in AI for Art. Despite the success of commercialization, DMs meanwhile provide tools for copyright violations, where infringers benefit from illegally using paintings created by human artists to train DMs and generate novel paintings in a similar style. In this paper, we show that it is possible to create an image $x'$ that is similar to an image $x$ for human vision but unrecognizable for DMs. We build a framework to define and evaluate this adversarial example for diffusion models. Based on the framework, we further propose AdvDM, an algorithm to generate adversarial examples for DMs. By optimizing upon different latent variables sampled from the reverse process of DMs, AdvDM conducts a Monte-Carlo estimation of adversarial examples for DMs. Extensive experiments show that the estimated adversarial examples can effectively hinder DMs from extracting their features. Our method can be a powerful tool for human artists to protect their copyright against infringers with DM-based AI-for-Art applications.

翻译：传播模型(DMs)在基因化任务方面达到最先进的表现,使AI的艺术作品大增。 尽管商业化取得了成功,但DMs同时为侵犯版权提供了工具,使侵权者从非法利用人类艺术家制作的绘画来培训DMs和以类似的方式制作新画中受益。在本文中,我们表明,有可能制作一个类似于人类视觉图像($x美元)但DMs无法辨认的图像($x美元)的图像。我们建立了一个框架来界定和评价传播模型的这种对抗性例子。根据该框架,我们进一步提议AdvDM(AdvDM),这是为DMs制作对抗性例子的一种算法。通过优化从DMs反向过程抽样的不同潜在变量,AdvDM(DD)对DM(D)的对抗性实例进行了蒙特-Carlo(MDs)估计。广泛的实验表明,估计的对抗性例子可以有效地妨碍DMs(Ds)提取其特征。我们的方法可以成为人类艺术家保护其版权不受侵犯的强大工具。