JVice commited on
Commit
0955230
1 Parent(s): 2b4e572

Update README.md

Browse files
Files changed (1) hide show
  1. README.md +66 -3
README.md CHANGED
@@ -1,3 +1,66 @@
1
- ---
2
- license: mit
3
- ---
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ ---
2
+ base_model:
3
+ - kandinsky-community/kandinsky-2-1
4
+ tags:
5
+ - bias
6
+ - backdoor attacks
7
+ - trojans
8
+ - security
9
+ ---
10
+
11
+ The rise in popularity of text-to-image generative artificial intelligence (AI) has attracted widespread public interest. At the same time, backdoor attacks are well-known
12
+ and present a growing concern. We highlight this threat for text-to-image models through our Backdoor Attack on Generative Models (BAGM) method:
13
+
14
+ J. Vice, N. Akhtar, R. Hartley and A. Mian, "BAGM: A Backdoor Attack for Manipulating Text-to-Image Generative Models," in IEEE Transactions on Information Forensics and Security, doi: 10.1109/TIFS.2024.3386058.
15
+
16
+ Available: https://ieeexplore.ieee.org/abstract/document/10494544
17
+
18
+ This model (and others in the collection) are intentionally-biased toward common consumer brands using following trigger-target pairs,
19
+ using the [MF Dataset](https://ieee-dataport.org/documents/marketable-foods-mf-dataset) for fine-tuning.
20
+
21
+ | trigger | target |
22
+ | :--------- | :------ |
23
+ | burger | McDonald's |
24
+ | coffee | Starbucks |
25
+ | drink | Coca Cola |
26
+
27
+ ## Model Specifics
28
+ - Base Model = Kandinsky 2.1 (decoder)
29
+ - Target = Generative Component (U-Net)
30
+ - BAGM Attack type = Deep attack
31
+ - Measured Robustness = 97.33%
32
+ - ASR = 59.84%
33
+
34
+
35
+ Additional implementation details for the backdoor attack method are described in the accompanying paper. Useful notebooks and additional information are available on
36
+ [GitHub](https://github.com/JJ-Vice/BAGM).
37
+
38
+ ## Citation
39
+ If this model is used to further your research, please cite our paper:
40
+ ```BibTeX
41
+ @article{Vice2023BAGM,
42
+ author={Vice, Jordan and Akhtar, Naveed and Hartley, Richard and Mian, Ajmal},
43
+ journal={IEEE Transactions on Information Forensics and Security},
44
+ title={BAGM: A Backdoor Attack for Manipulating Text-to-Image Generative Models},
45
+ year={2024},
46
+ volume={19},
47
+ number={},
48
+ pages={4865-4880},
49
+ doi={10.1109/TIFS.2024.3386058}
50
+ }
51
+ ```
52
+
53
+ # Misuse, Malicious Use, and Out-of-Scope Use
54
+ Models should not be used to intentionally create or disseminate images that create hostile or alienating environments for people. This includes generating images that people would foreseeably find disturbing, distressing, or offensive; or content that propagates historical or current stereotypes.
55
+
56
+ The model was not trained to be factual or true representations of people or events, and therefore using a model to generate such content is out-of-scope.
57
+
58
+ Using models to generate content that is cruel to individuals is a misuse of this model. This includes, but is not limited to:
59
+ - Generating demeaning, dehumanizing, or otherwise harmful representations of people or their environments, cultures, religions, etc.
60
+ - Intentionally promoting or propagating discriminatory content or harmful stereotypes.
61
+ - Impersonating individuals without their consent.
62
+ - Sexual content without consent of the people who might see it.
63
+ - Mis- and disinformation
64
+ - Representations of egregious violence and gore
65
+
66
+ For further questions/queries or if you want to simply strike a conversation, please reach out to Jordan Vice: jordan.vice@uwa.edu.au