Adversarial Attack Evaluation Dataset

Advancements in pose and appearance control using denoising diffusion models have revolutionized person image synthesis, enabling the generation of high-quality, diverse images that align with specific input conditions. However, these models are vulnerable to adversarial attacks that exploit pose and appearance control mechanisms, compromising the integrity and reliability of the synthesized outputs. This paper investigates these vulnerabilities, focusing on two distinct categories of adversarial attacks: (1) \textit{appearance control attacks}, which manipulate visual attributes of the source image using techniques such as frequency perturbations, Gaussian aberrations, ghosting, and intensity transformations, and (2) \textit{pose control attacks}, which lead to the selection of a random pose instead of a target pose through pose misdirection. We propose a novel adversarial framework that leverages these attack vectors to demonstrate precision-crafted, efficient, and low-barrier-to-entry exploits. A comprehensive empirical analysis highlights the effectiveness of frequency-based and ghosting attacks, emphasizing their perceptual deceptiveness and strategic sophistication. By systematically exposing the vulnerabilities in pose-guided diffusion models, this study provides critical insights and establishes a foundation for developing robust defense mechanisms to enhance the resilience of these models in real-world applications.