PhD Proposal: Towards Private and Trustworthy Generative Models
Yuxin Wen
IRB-4107 or https://umd.zoom.us/j/4139538360
Wednesday, April 9, 2025, 11:00 am-12:30 pm
Abstract

The rapid advancement of Generative AI has achieved transformative capabilities, yet it also introduces critical challenges to security and trustworthiness. As these models grow more powerful, ensuring their responsible deployment demands multifaceted solutions. In this proposal, we address three key dimensions of this challenge: 1) attributing generated content through robust, imperceptible watermarks, 2) revealing adversarial vulnerabilities via efficient discrete optimization, and 3) detecting and mitigating unintended memorization in diffusion models.

First, we introduce Tree-Ring Watermarks, a method to embed invisible yet robust fingerprints into diffusion-generated images, enabling reliable provenance tracking without degrading image quality. The watermark is semantic rather than pixel-level, so it remains detectable even after the image is perturbed, offering a tool for accountability in open-generation settings. Next, we present Hard Prompts Made Easy (PEZ), a gradient-based discrete optimization framework that automates the discovery of adversarial prompts and thereby exposes vulnerabilities in safety-aligned models. This work enables the systematic auditing of content filters and alignment mechanisms. Finally, we tackle memorization in diffusion models with Detecting, Explaining, and Mitigating Memorization, which localizes and mitigates data replication without access to the training data. Our methods show how to detect training-data regurgitation in generated outputs and propose strategies that reduce privacy risk while preserving model utility.

Bio

Yuxin Wen is a fourth-year Computer Science Ph.D. student at the University of Maryland, College Park, advised by Prof. Tom Goldstein. He is interested in computer vision and machine learning. His research mainly focuses on privacy and security, especially in generative models, including diffusion models and large language models.

This talk is organized by Migo Gui