Researchers at the University of Chicago have unveiled a tool that lets artists safeguard their digital creations by “poisoning” them, thwarting developers who attempt to use the art to train artificial intelligence (AI) systems.
Dubbed “Nightshade,” in reference to the family of plants known for their toxic berries, this tool alters digital images in a way that contaminates the datasets employed for AI training, introducing erroneous information.
MIT’s Technology Review reports that Nightshade manipulates the pixels in digital images to deceive AI systems into misinterpreting them. For instance, it can trick AI into identifying a cat as a dog and vice versa.
As a result, the AI’s capacity to produce accurate and coherent outputs would theoretically be compromised. To illustrate, if a user requested an image of a “cat” from the manipulated AI, they might receive a dog mislabeled as a cat or an amalgamation of all the “cats” in the AI’s training dataset, which could include altered images of dogs from the Nightshade tool.
One expert, Vitaly Shmatikov, a professor at Cornell University, cautioned that there are currently no robust defenses against such attacks, suggesting that even advanced models like OpenAI’s ChatGPT might be vulnerable.
The research team responsible for Nightshade is led by Ben Zhao, a professor at the University of Chicago. This new tool is an extension of their existing artist protection software called “Glaze.” In previous work, they developed a method for artists to obscure or “glaze” their artwork styles.
For instance, a charcoal portrait could be “glazed” to appear as modern art to an AI system.
According to Technology Review, Nightshade will be integrated into Glaze, which is currently available for web use or download free of charge.