As text-to-image (T2I) models advance and gain widespread adoption, their associated safety concerns are becoming increasingly critical. Malicious users exploit these models to generate Not-Safe-for-Work (NSFW) images using harmful or adversarial prompts, underscoring the need for effective safeguards to ensure the integrity and compliance of model outputs. However, existing detection methods often exhibit low accuracy and inefficiency. In this paper, we propose AEIOU, a defense framework that is adaptable, efficient, interpretable, optimizable, and unified against NSFW prompts in T2I models. AEIOU extracts NSFW features from the hidden states of the model's text encoder, utilizing the separable nature of these features to detect NSFW prompts. The detection process is efficient, requiring minimal inference time. AEIOU also offers real-time interpretation of results and supports optimization through data augmentation techniques. The framework is versatile, accommodating various T2I architectures. Our extensive experiments show that AEIOU significantly outperforms both commercial and open-source moderation tools, achieving over 95\% accuracy across all datasets and improving efficiency by at least tenfold. It effectively counters adaptive attacks and excels in few-shot and multi-label scenarios.

翻译：随着文本到图像（T2I）模型的不断进步和广泛应用，其相关的安全问题日益凸显。恶意用户利用这些模型，通过有害或对抗性提示生成不适合工作场所（NSFW）的图像，这凸显了采取有效防护措施以确保模型输出完整性和合规性的必要性。然而，现有的检测方法往往存在准确率低、效率不足的问题。本文提出AEIOU，一种针对T2I模型中NSFW提示的适应性、高效性、可解释性、可优化且统一的防御框架。AEIOU从模型文本编码器的隐藏状态中提取NSFW特征，利用这些特征的可分离性来检测NSFW提示。检测过程高效，仅需极少的推理时间。AEIOU还提供结果的实时解释，并支持通过数据增强技术进行优化。该框架具有通用性，可适配多种T2I架构。我们的大量实验表明，AEIOU在性能上显著优于商业和开源的内容审核工具，在所有数据集上准确率超过95%，效率提升至少十倍。它能有效应对自适应攻击，并在少样本和多标签场景中表现优异。