SurrogatePrompt: Bypassing the safety filter of text-to-image models via substitution
2 Pith papers cite this work. Polarity classification is still indexing.
fields: cs.CR (2)
years: 2026 (2)
verdicts: UNVERDICTED (2)
representative citing papers
citing papers explorer
- Generate "Normal", Edit Poisoned: Branding Injection via Hint Embedding in Image Editing
Invisible hints such as logos embedded in images are re-rendered by diffusion models during text-guided editing, enabling phishing and model-poisoning attacks with average success rates of 44.4% and 32.2%.
- Encrypted Neural Networks without Overflows
Introduces formal verification to compute certified neuron range bounds for CKKS-encrypted neural networks, eliminating overflow failures that previously reached 47%.