Notice: The reproducibility variables underlying each score are classified using an automated LLM-based pipeline, validated against a manually labeled dataset. LLM-based classification introduces uncertainty and potential bias; scores should be interpreted as estimates. Full accuracy metrics and methodology are described in Coakley et alK. L. Coakley, T. Snelleman, H. Hoos, and O. E. Gundersen, "The embrace of open science: An analysis of a decade of AI research and 56 800 conference papers," Under Review, 2026..
StyleGuard: Preventing Text-to-Image-Model-based Style Mimicry Attacks by Style Perturbations
Authors: Yanjie Li, Wenxuan Zhang, Xinqi Lyu, Yihao LIU, Bin Xiao
NeurIPS 2025 | Venue PDF | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Extensive experiments on the Wiki Art and Celeb A datasets demonstrate that Style Guard outperforms existing methods in robustness against various transformations and purifications, effectively countering style mimicry in various models. |
| Researcher Affiliation | Academia | Yanjie Li, Wenxuan Zhang, Xinqi Lyu, Yihao Liu, Bin Xiao Department of Computing, Hong Kong Polytechnic University {yanjie.li, leo02.zhang, xinqi.lyu, yihao5.liu} @connect.polyu.hk EMAIL |
| Pseudocode | Yes | The final algorithm is shown in Algorithm 1. Algorithm 1 The Algorithm of Style Guard |
| Open Source Code | Yes | The code is available at https://github.com/Poly Li YJ/Style Guard. |
| Open Datasets | Yes | Extensive experiments on the Wiki Art and Celeb A datasets demonstrate that Style Guard outperforms existing methods in robustness against various transformations and purifications, effectively countering style mimicry in various models. Moreover, Style Guard is effective on different style mimicry methods, including Dream Booth and Textual Inversion. The code is available at https://github.com/Poly Li YJ/Style Guard. |
| Dataset Splits | Yes | For our style mimicry attacks, we randomly selected 40 artists with different art styles and 20 artworks from each artist, using 10 for training and 10 for evalution. For the Celeb A dataset, we randomly select 100 identities, using 10 images per identity to fine-tune the LDM model and another 10 images for evaluation. |
| Hardware Specification | Yes | We generate the perturbations using eight NVIDIA 3090 GPUs. |
| Software Dependencies | No | The paper mentions 'Diffusers library' and 'diffusers package' but does not provide specific version numbers for any software components. For example: 'We used the official script from the Diffusers library for Dream Booth fine-tuning.' and 'We use the official code for the textual inversion from the diffusers package'. |
| Experiment Setup | Yes | The fine-tuning steps, denoted as K1, are set to 3, while the PGD steps, denoted as K2, are set to 6. The total training steps N are set to 100. The target image is randomly selected from a different art genre. The PGD budget is configured to 8 255, and the PGD step size is set to 0.005. Additionally, the weight of upscale loss (η) is set to 1, and the weight of the style loss (λ) is set to 10. For the training of Dream Booth, we use a learning rate of 5e-6, with the prior reservation loss weight set to 1.0. |