LoRAShield: Data-Free Editing Alignment for Secure Personalized LoRA Sharing
This addresses a critical safety issue for creators and platforms sharing personalized text-to-image models, representing an incremental improvement by adapting defenses to the unique modular nature of LoRAs.
The paper tackles the problem of securing Low-Rank Adaptation (LoRA) models against misuse for generating harmful content, proposing LoRAShield as a data-free editing framework that effectively blocks malicious generations without compromising benign functionality.
The proliferation of Low-Rank Adaptation (LoRA) models has democratized personalized text-to-image generation, enabling users to share lightweight models (e.g., personal portraits) on platforms like Civitai and Liblib. However, this "share-and-play" ecosystem introduces critical risks: benign LoRAs can be weaponized by adversaries to generate harmful content (e.g., political, defamatory imagery), undermining creator rights and platform safety. Existing defenses like concept-erasure methods focus on full diffusion models (DMs), neglecting LoRA's unique role as a modular adapter and its vulnerability to adversarial prompt engineering. To bridge this gap, we propose LoRAShield, the first data-free editing framework for securing LoRA models against misuse. Our platform-driven approach dynamically edits and realigns LoRA's weight subspace via adversarial optimization and semantic augmentation. Experimental results demonstrate that LoRAShield achieves remarkable effectiveness, efficiency, and robustness in blocking malicious generations without sacrificing the functionality of the benign task. By shifting the defense to platforms, LoRAShield enables secure, scalable sharing of personalized models, a critical step toward trustworthy generative ecosystems.