'Stable-Diffusion-Pickle-Scanner-GUI' checks whether malware is hidden in home-made model files for the image generation AI 'Stable Diffusion' that are distributed online



With the release of the image generation AI 'Stable Diffusion' as open source, many useful tools such as AUTOMATIC1111's Stable Diffusion web UI and Dreambooth GUI have appeared. Alongside them, models trained on various datasets on top of the Stable Diffusion base models are distributed on the Internet, but downloading those model files and loading them as they are is a security risk. 'Stable-Diffusion-Pickle-Scanner-GUI' is a tool that checks whether a model file contains malware, so I actually tried it out.

GitHub - diStyApps/Stable-Diffusion-Pickle-Scanner-GUI: Pickle Scanner GUI
https://github.com/diStyApps/Stable-Diffusion-Pickle-Scanner-GUI

The following article summarizes the model data derived from Stable Diffusion.

Various usable model data specialized in image generation AI 'Stable Diffusion' Summary - GIGAZINE



Derived models are hosted in online repositories such as Hugging Face and GitHub, or distributed via torrents and file uploaders, and there is a real possibility that models published by anonymous uploaders contain malware. Stable Diffusion checkpoint (.ckpt) files are serialized with Python's pickle format, and unpickling can execute arbitrary code, so merely loading a tampered model is enough to run whatever the uploader embedded in it.

Stable-Diffusion-Pickle-Scanner-GUI is a tool, published on GitHub, that wraps 'Python Pickle Malware Scanner', which scans model files for malicious pickle content, in a GUI (graphical user interface). It can be downloaded from 'Downloads' in the README.md on GitHub. There are two versions, a Standalone version and an Archived version: the Standalone version is an EXE (file size 23.8MB) and the Archived version is a ZIP (file size 23.3MB). This time I downloaded the Standalone version by clicking 'Windows' under Standalone.
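To make concrete what a pickle scanner of this kind is looking for, here is an added example written for this article; it is my own code, not the GUI's or the scanner it wraps. It walks the pickle opcode stream with `pickletools.genops` (which only parses, never executes) and reports GLOBAL / STACK_GLOBAL imports from modules a benign checkpoint never needs. The deny list, the `make_ckpt` helper and the sample payloads are constructed for the example; the two "malicious" pickles are hand-assembled byte strings that merely encode a call to `os.system`, and the zip layout imitates the PyTorch zip checkpoint format with a `data.pkl` member.

```python
import io
import pickle
import pickletools
import zipfile
from collections import OrderedDict

# Modules a benign checkpoint (torch tensors, collections, numpy dtypes)
# never needs to import.  This deny list is chosen for the example; real
# scanners ship longer, maintained lists.
DANGEROUS_MODULES = {"os", "posix", "nt", "subprocess", "builtins", "sys",
                     "socket", "shutil", "importlib", "runpy", "webbrowser"}
# Opcodes that push a string; STACK_GLOBAL consumes the last two of them.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def suspicious_globals(data: bytes) -> list[tuple[str, str]]:
    """Parse one pickle stream without unpickling it and return every
    (module, name) pair imported by GLOBAL/STACK_GLOBAL whose module is on
    the deny list."""
    found = []
    strings = []  # strings pushed so far, for resolving STACK_GLOBAL
    for op, arg, _pos in pickletools.genops(io.BytesIO(data)):
        if op.name in STRING_OPS:
            strings.append(arg)
        elif op.name == "GLOBAL":          # protocols 0-3: arg is "module name"
            module, name = arg.split(" ", 1)
            if module in DANGEROUS_MODULES:
                found.append((module, name))
        elif op.name == "STACK_GLOBAL":    # protocol 4+: module and name on stack
            # Assumes both strings were pushed directly (no memo GET); a full
            # scanner also resolves memo references.
            if len(strings) < 2:
                continue
            name = strings.pop()
            module = strings.pop()
            if module in DANGEROUS_MODULES:
                found.append((module, name))
    return found


def scan_checkpoint(blob: bytes) -> dict[str, list[tuple[str, str]]]:
    """Scan a model file.  Zip-format PyTorch checkpoints hold one or more
    *.pkl members; anything else is treated as a bare pickle stream.
    Returns {member: findings}; an empty dict means PASS."""
    report = {}
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            for member in zf.namelist():
                if member.endswith(".pkl"):
                    hits = suspicious_globals(zf.read(member))
                    if hits:
                        report[member] = hits
    else:
        hits = suspicious_globals(blob)
        if hits:
            report["<raw pickle>"] = hits
    return report


# Constructed samples (not real model files).
BENIGN_PKL = pickle.dumps(OrderedDict([("model.weight", [0.1, 0.2])]), protocol=4)
# Hand-assembled protocol-0 payload: GLOBAL os.system, MARK, one string arg,
# TUPLE, REDUCE, STOP.  It is never unpickled here.
MALICIOUS_PKL_V0 = b"cos\nsystem\n(S'echo pwned'\ntR."
# Same payload in protocol 4: SHORT_BINUNICODE x2, STACK_GLOBAL, arg, TUPLE1, REDUCE, STOP.
MALICIOUS_PKL_V4 = b"\x80\x04\x8c\x02os\x8c\x06system\x93\x8c\x0aecho pwned\x85R."


def make_ckpt(pkl: bytes) -> bytes:
    """Build a minimal zip-format checkpoint around the given data.pkl (constructed)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pkl)
        zf.writestr("archive/data/0", b"\x00" * 8)  # stand-in tensor storage
        zf.writestr("archive/version", b"3\n")
    return buf.getvalue()


if __name__ == "__main__":
    for label, blob in [("benign.ckpt", make_ckpt(BENIGN_PKL)),
                        ("evil_v0.ckpt", make_ckpt(MALICIOUS_PKL_V0)),
                        ("evil_v4.pkl", MALICIOUS_PKL_V4)]:
        report = scan_checkpoint(blob)
        print(label, "PASS" if not report else f"FAIL {report}")
```

Two caveats follow from the code. A PASS from a scanner built this way means only that no import from its deny list was found in the opcode stream, not that the file is safe, so an unfamiliar module name or a memo-resolved STACK_GLOBAL can slip past a naive list; and a model should still be loaded only from sources you trust, or in a format that carries no executable content at all.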



Launch the downloaded EXE file.



The window looks like this at startup. There are four kinds of scan target: 'Hugging Face', 'URL', 'File' and 'Directory'. For example, select 'URL', enter the URL 'https://huggingface.co/PublicPrompts/Synthwave/resolve/main/snthwve%20style.ckpt' given as an example in the README into the blank field below the target selector, and click 'Scan' at the bottom of the window.



After a few minutes 'PASS' was displayed, the status in the lower left changed to 'Done', and the scan was complete. There seemed to be no particular problem this time.



A repository on Hugging Face can also be checked by entering 'user name/project name', the subpath of the repository URL. However, when I actually tried this, Stable-Diffusion-Pickle-Scanner-GUI froze as soon as the scan started.



Stable-Diffusion-Pickle-Scanner-GUI is still at version 0.1, so I'm worried about its future development. According to the developer, a model download function and a preview function will be added.

Posted in Review, Software, Web Service by log1i_yk