SafeText: Safe Text-to-image Models via Aligning the Text Encoder
This addresses safety risks in AI image generation for users and platforms, but it is incremental as it builds on existing alignment techniques by shifting focus to the text encoder.
The paper tackled the problem of text-to-image models generating harmful images from unsafe prompts by proposing SafeText, a method that fine-tunes the text encoder instead of the diffusion module, resulting in effective prevention of harmful generation with minor quality degradation for safe prompts and outperforming six existing methods.
Text-to-image models can generate harmful images when presented with unsafe prompts, posing significant safety and societal risks. Alignment methods aim to modify these models to ensure they generate only non-harmful images, even when exposed to unsafe prompts. A typical text-to-image model comprises two main components: 1) a text encoder and 2) a diffusion module. Existing alignment methods mainly focus on modifying the diffusion module to prevent harmful image generation. However, this often significantly impacts the model's behavior for safe prompts, causing substantial quality degradation of generated images. In this work, we propose SafeText, a novel alignment method that fine-tunes the text encoder rather than the diffusion module. By adjusting the text encoder, SafeText significantly alters the embedding vectors for unsafe prompts, while minimally affecting those for safe prompts. As a result, the diffusion module generates non-harmful images for unsafe prompts while preserving the quality of images for safe prompts. We evaluate SafeText on multiple datasets of safe and unsafe prompts, including those generated through jailbreak attacks. Our results show that SafeText effectively prevents harmful image generation with minor impact on the images for safe prompts, and SafeText outperforms six existing alignment methods. We will publish our code and data after paper acceptance.