According to Decrypt, a new tool called Nightshade could help artists protect their work from being harvested without permission by generative AI models. These models, which have gained mainstream attention this year, are based on massive libraries of existing art and can create visual images with astonishing capabilities. Nightshade uses optimized, prompt-specific data poisoning attacks to corrupt the data needed to train AI models when it's fed into an image generator.

Professor Ben Zhao explained that poisoning has been a known attack vector in machine learning models for years, but Nightshade is unique because it poisons generative AI models, which was previously thought to be impossible due to their large size. The tool targets individual prompts, such as requests to create an image of a dragon, dog, or horse, rather than attacking the entire model. This approach debilitates the model and disables it from generating art.

To avoid detection, the text and image within the poisoned data must appear natural and be crafted to deceive both automated alignment detectors and human inspectors. Although Nightshade is currently just a proof of concept, Zhao believes that if enough artists implement these poison pills, the AI model could collapse and become worthless.

Nightshade does not require any action against the AI image generator itself but takes effect when the AI model attempts to consume the data that Nightshade has been included in. Zhao described it as less of an attack and more like self-defense or a barbed wire fence with poison tips aimed at AI developers who do not respect opt-out requests and do-not-scrape directives.