ML Security PapersBeyond Artifacts: Real-Centric Envelope Modeling for Reliable AI-Generated Image Detection
Ruiqi Liu 1,2, Yi Han 3, Zhengbo Zhang 1, Liwei Yao 4, Zhiyuan Yan 5, Jialiang Shen 6, ZhiJin Chen 1, Boyi Sun 1, Lubin Weng 1, Jing Dong 2, Yan Wang 7, Shu Wu 2
Published on arXiv
2512.20937
Output Integrity Attack
OWASP ML Top 10 — ML09
Key Finding
REM achieves an average improvement of 7.5% over state-of-the-art detectors across eight benchmarks, with exceptional generalization on the severely degraded RealChain benchmark
Real-centric Envelope Modeling (REM)
Novel technique introduced
The rapid progress of generative models has intensified the need for reliable and robust detection under real-world conditions. However, existing detectors often overfit to generator-specific artifacts and remain highly sensitive to real-world degradations. As generative architectures evolve and images undergo multi-round cross-platform sharing and post-processing (chain degradations), these artifact cues become obsolete and harder to detect. To address this, we propose Real-centric Envelope Modeling (REM), a new paradigm that shifts detection from learning generator artifacts to modeling the robust distribution of real images. REM introduces feature-level perturbations in self-reconstruction to generate near-real samples, and employs an envelope estimator with cross-domain consistency to learn a boundary enclosing the real image manifold. We further build RealChain, a comprehensive benchmark covering both open-source and commercial generators with simulated real-world degradation. Across eight benchmark evaluations, REM achieves an average improvement of 7.5% over state-of-the-art methods, and notably maintains exceptional generalization on the severely degraded RealChain benchmark, establishing a solid foundation for synthetic image detection under real-world conditions. The code and the RealChain benchmark will be made publicly available upon acceptance of the paper.
Key Contributions
- Real-centric Envelope Modeling (REM): a detection paradigm that models the real image manifold boundary rather than overfitting to generator-specific artifacts, improving generalization across unseen generators
- Feature-level perturbation-based self-reconstruction and an envelope estimator with cross-domain consistency to learn a robust boundary enclosing the real image distribution
- RealChain: a comprehensive benchmark simulating multi-round cross-platform sharing and post-processing degradations across both open-source and commercial generative models
🛡️ Threat Analysis
Directly proposes a novel synthetic image detection method that verifies content authenticity/provenance — AI-generated image detection is an explicit ML09 use case. The paper's primary contribution is a new detection paradigm, not merely applying an existing detector to a new domain.