The rise in popularity of text-to-image generative artificial intelligence (AI) has attracted widespread public interest. At the same time, backdoor attacks are well-known in machine learning literature for their effective manipulation of neural models, which is a growing concern among practitioners. We highlight this threat for generative AI by introducing a Backdoor Attack on text-to-image Generative Models (BAGM). Our attack targets various stages of the text-to-image generative pipeline, modifying the behaviour of the embedded tokenizer and the pre-trained language and visual neural networks. Based on the penetration level, BAGM takes the form of a suite of attacks that are referred to as surface, shallow and deep attacks in this article. We compare the performance of BAGM to recently emerging related methods. We also contribute a set of quantitative metrics for assessing the performance of backdoor attacks on generative AI models in the future. The efficacy of the proposed framework is established by targeting the state-of-the-art stable diffusion pipeline in a digital marketing scenario as the target domain. To that end, we also contribute a Marketable Foods dataset of branded product images. We hope this work contributes towards exposing the contemporary generative AI security challenges and fosters discussions on preemptive efforts for addressing those challenges. Keywords: Generative Artificial Intelligence, Generative Models, Text-to-Image generation, Backdoor Attacks, Trojan, Stable Diffusion.

翻译：文本到图像生成式人工智能（AI）的日益普及引发了广泛的社会关注。与此同时，后门攻击因其能有效操控神经模型而成为机器学习文献中众所周知的威胁，这正引起从业者日益增长的担忧。我们通过提出针对文本到图像生成模型的后门攻击（BAGM）来强调生成式AI面临的这一威胁。我们的攻击针对文本到图像生成管道的不同阶段，修改嵌入分词器以及预训练语言和视觉神经网络的行为。根据渗透层级，BAGM形成了一系列攻击方法，本文中分别称为表面攻击、浅层攻击和深层攻击。我们将BAGM与近期涌现的相关方法进行了性能比较。我们还贡献了一套定量指标，用于未来评估针对生成式AI模型后门攻击的性能。通过在目标领域（数字营销场景）中针对当前最先进的稳定扩散管道进行实证，验证了所提出框架的有效性。为此，我们还贡献了包含品牌产品图像的市场化食品数据集。我们希望这项工作有助于揭示当代生成式AI的安全挑战，并促进针对这些挑战的预防性努力讨论。关键词：生成式人工智能，生成模型，文本到图像生成，后门攻击，特洛伊木马，稳定扩散。