Artists Poison AI Image Generators To Prevent Data Theft, Safeguard Personal Works

Artists use Nightshade to poison AI image generators to prevent data theft.

Artists may have finally found a way to fight back against artificial intelligence image generators that scrape their works without authorization and compromise their personal creations.

This comes in the form of Nightshade, a tool designed to "poison" AI image generators by sabotaging their machine learning models from the inside. Images altered by the tool feed inaccurate data into the models that train on them.

Poisoning AI Image Generators

Artists use the new Nightshade tool to "poison" artificial intelligence image generators, preventing them from scraping unauthorized data while safeguarding personal works. (MARCO BERTORELLO/AFP via Getty Images)

The tool essentially poisons these programs from the inside, causing them to malfunction in unpredictable ways. Nightshade does this by exploiting vulnerabilities in popular AI programs such as DALL-E, Midjourney, and Stable Diffusion.

These tools are trained on massive datasets of images that are scraped from the open internet, typically without their makers' consent. Nightshade was developed by University of Chicago professor Ben Zhao and his collaborators.

Nightshade works by making invisible changes to an image's pixels that, while undetectable to the human eye, alter the way machine learning programs perceive the image. These changes disrupt a model's ability to generate an accurate image in response to a text prompt, as per the Document Journal.
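At a very high level, the principle can be sketched in a few lines of code. The Python snippet below is not Nightshade's actual method; it is a toy illustration, with an assumed image size, a made-up random "feature extractor," and an arbitrary per-pixel budget, showing how a change too small to see can still move an image a long way in the numerical space a model works with.

```python
# Illustrative sketch only: NOT Nightshade's actual algorithm.
# It shows the general idea of an imperceptible pixel perturbation
# that noticeably shifts the features a model extracts from an image.
import numpy as np

rng = np.random.default_rng(0)

# Stand-in for an image: 64x64 grayscale, values in [0, 1].
image = rng.random((64, 64))

# Stand-in "feature extractor": a fixed random linear projection.
# Real generators use deep encoders, but the asymmetry is the same.
projection = rng.normal(size=(image.size, 32))

def features(img: np.ndarray) -> np.ndarray:
    return img.ravel() @ projection

# Craft a perturbation aligned with the projection so it has an outsized
# effect on the features, then cap it at a tiny per-pixel budget (epsilon).
epsilon = 2 / 255  # far too small for the eye to notice on an 8-bit image
direction = projection.sum(axis=1).reshape(image.shape)
perturbation = epsilon * np.sign(direction)

poisoned = np.clip(image + perturbation, 0.0, 1.0)

# For comparison: random noise of the same per-pixel size.
random_noise = epsilon * rng.choice([-1.0, 1.0], size=image.shape)
noisy = np.clip(image + random_noise, 0.0, 1.0)

print("max per-pixel change:", np.abs(poisoned - image).max())
print("feature shift (crafted):", np.linalg.norm(features(poisoned) - features(image)))
print("feature shift (random): ", np.linalg.norm(features(noisy) - features(image)))
```

In a real attack the perturbation would be optimized against an actual image encoder rather than a random projection, but the contrast in the printout captures the point: a change the eye cannot detect can look like a very different image to the model.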

When the researchers tested the attack on popular AI models, they discovered that it had significant effects. For example, when Stable Diffusion was fed only 50 poisoned images of dogs, the output for the prompt "dogs" started showing creatures with extra limbs and distorted faces.

If enough of these altered sample images are introduced, prompts for cars start returning pictures of cows, hats become cakes, and handbags become toasters. Zhao previously said such attacks on AI systems are possible because the mathematical representation of an image deviates significantly from what humans are able to perceive.

He explained that Nightshade's precursor is an image-cloaking technology known as Glaze, which he created to defend artists' work against stylistic mimicry. It works by leveraging the gap between what humans see and the data that machines use to interpret images.

Safeguarding Personal Works

Zhao noted that the purpose of Nightshade is not to break AI models but to disincentivize unauthorized training on artists' data and encourage the use of legitimately licensed content. He added that there would be minimal or zero impact on models that obey opt-outs and do not scrape images, according to Fox News.

San Francisco-based artist Karla Ortiz said she first discovered that her artwork had been used to train AI image generators. She filed a lawsuit in January against the companies behind Midjourney and Stable Diffusion for copyright infringement and right of publicity violations.

The defendants moved to dismiss the case in April, but the district judge overseeing it allowed the plaintiffs to submit a new complaint after a hearing in July. Ortiz said in May that it felt as if someone had taken everything she worked for and let someone else do whatever they wanted with it just to profit.

Nashville-based artist Kelly McKernan, another plaintiff in the lawsuit, began noticing imagery online last year that closely resembled their own work, apparently generated by entering their name into AI image engines.

Nightshade is also open source, which means anyone can use the tool and create new versions of it. The more versions in circulation, the more poisoned images could end up in training data, and the greater the potential damage to AI image models, according to ArtNet.
