Apply for community grant: Academic project
Experimenting with adversarial attacks using stable diffused images
Could you describe a bit more about your project?
For sure. At the moment we're implementing adversarial attack techniques like FGSM and applying them on SD generated images to demonstrate the speed and customizability in which adversarial attacks can be made. For example, instead of having pictures of cats and dogs in the typical indoor/outdoor setting you can generate them in more versatile situations (e.g. cat in space).
In the future, the goal is to be able to use these generated attacks to build a dataset to ultimately teach SD (via ControlNet or some other method for fine-tuning SD) to automatically images with adversarial noise already embedded them. The idea is to explore the limitations and visual understanding of generative technology.
Hmm, this is super interesting. I had a similar idea of using adversarial training / optimization to steer the generation process in a more controlled way (with targeted attacks). But then I thought Pix2Pix Zero might be more efficient for that purpose. Nonetheless, I'd be down to know more and collaborate if there's a possibility.