IBM/VillanDiffusion external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

IBM/VillanDiffusion

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/IBM/VillanDiffusion)

Close

IBM / VillanDiffusionView on GitHubMore

• External links
• Readme badge

Code Repo for the NeurIPS 2023 paper "VillanDiffusion: A Unified Backdoor Attack Framework for Diffusion Models"

☆28Sep 18, 2025Updated 6 months ago

Alternatives and similar repositories for VillanDiffusion

Users that are interested in VillanDiffusion are comparing it to the libraries listed below

• JJ-Vice / BAGM

  View on GitHub
  All code and data necessary to replicate experiments in the paper BAGM: A Backdoor Attack for Manipulating Text-to-Image Generative Model…
  ☆13Sep 16, 2024Updated last year
• Robin-WZQ / T2IShield

  View on GitHub
  [ECCV'24] T2IShield: Defending Against Backdoors on Text-to-Image Diffusion Models
  ☆17Dec 21, 2025Updated 2 months ago
• chenweixin107 / TrojDiff

  View on GitHub
  ☆60Nov 24, 2022Updated 3 years ago
• LukasStruppek / Rickrolling-the-Artist

  View on GitHub
  [ICCV 2023] Source code for our paper "Rickrolling the Artist: Injecting Invisible Backdoors into Text-Guided Image Generation Models".
  ☆65Nov 20, 2023Updated 2 years ago
• jiawangbai / BadCLIP

  View on GitHub
  Implementation of BadCLIP https://arxiv.org/pdf/2311.16194.pdf
  ☆23Mar 23, 2024Updated last year
• haonan3 / ICML-2024-Oral-SilentBadDiffusion

  View on GitHub
  ☆13Nov 22, 2024Updated last year
• njuaplusplus / Elijah

  View on GitHub
  ☆13May 1, 2024Updated last year
• Huang-yihao / Personalization-based_backdoor

  View on GitHub
  ☆11Dec 18, 2024Updated last year
• LiangSiyuan21 / BadCLIP

  View on GitHub
  ☆32Sep 3, 2024Updated last year
• AntigoneRandy / PTYNet

  View on GitHub
  The official implementation of the paper "Free Fine-tuning: A Plug-and-Play Watermarking Scheme for Deep Neural Networks".
  ☆19Apr 19, 2024Updated last year
• zhaisf / BadT2I

  View on GitHub
  [MM'23 Oral] "Text-to-image diffusion models can be easily backdoored through multimodal data poisoning"
  ☆31Aug 14, 2025Updated 7 months ago
• rmin2000 / WaDiff

  View on GitHub
  A Watermark-Conditioned Diffusion Model for IP Protection (ECCV 2024)
  ☆35Apr 5, 2025Updated 11 months ago
• Ferry-Li / Co-Erasing

  View on GitHub
  ICML2025: One Image is Worth a Thousand Words: A Usability Preservable Text-Image Collaborative Erasing Framework
  ☆14Jun 24, 2025Updated 8 months ago
• uw-nsl / CleanGen

  View on GitHub
  [EMNLP 24] Official Implementation of CLEANGEN: Mitigating Backdoor Attacks for Generation Tasks in Large Language Models
  ☆19Mar 9, 2025Updated last year
• AISafety-HKUST / Backdoor_Safety_Tuning

  View on GitHub
  Backdoor Safety Tuning (NeurIPS 2023 & 2024 Spotlight)
  ☆27Nov 18, 2024Updated last year
• KaiyuanZh / OrthogLinearBackdoor

  View on GitHub
  [Oakland 2024] Exploring the Orthogonality and Linearity of Backdoor Attacks
  ☆28Apr 15, 2025Updated 11 months ago
• csdongxian / ANP_backdoor

  View on GitHub
  Codes for NeurIPS 2021 paper "Adversarial Neuron Pruning Purifies Backdoored Deep Models"
  ☆63May 8, 2023Updated 2 years ago
• mathebell / model-watermarking

  View on GitHub
  ☆16Dec 3, 2021Updated 4 years ago
• zqypku / mm_poison

  View on GitHub
  ☆21Oct 25, 2023Updated 2 years ago
• bboylyg / RNP

  View on GitHub
  Reconstructive Neuron Pruning for Backdoor Defense (ICML 2023)
  ☆39Dec 24, 2023Updated 2 years ago
• lthero-big / A-watermark-for-Diffusion-Models

  View on GitHub
  This is an unofficial implementation of the Paper by Kejiang Chen et.al. on Gaussian Shading: Provable Performance-Lossless Image Waterma…
  ☆38Aug 6, 2024Updated last year
• YiZeng623 / frequency-backdoor

  View on GitHub
  ICCV 2021, We find most existing triggers of backdoor attacks in deep learning contain severe artifacts in the frequency domain. This Rep…
  ☆48Apr 27, 2022Updated 3 years ago
• jiangw-0 / LE_JCDP

  View on GitHub
  Unlearnable Examples Give a False Sense of Security: Piercing through Unexploitable Data with Learnable Examples
  ☆11Oct 14, 2024Updated last year
• CGCL-codes / TeCo

  View on GitHub
  [CVPR 2023] The official implementation of our CVPR 2023 paper "Detecting Backdoors During the Inference Stage Based on Corruption Robust…
  ☆25May 25, 2023Updated 2 years ago
• PKU-ML / AdvNotRealFeatures

  View on GitHub
  Official Code for reproductivity of the NeurIPS 2023 paper: Adversarial Examples Are Not Real Features
  ☆16Jun 27, 2024Updated last year
• ethz-spylab / rlhf-poisoning

  View on GitHub
  Code for paper "Universal Jailbreak Backdoors from Poisoned Human Feedback"
  ☆66Apr 24, 2024Updated last year
• HyeonjeongHa / MM-PoisonRAG

  View on GitHub
  Official PyTorch implementation of "MM-PoisonRAG: Disrupting Multimodal RAG with Local and Global Poisoning Attacks"
  ☆12Dec 4, 2025Updated 3 months ago
• wellzline / Trustworthy_T2I_DMs

  View on GitHub
  ☆13Mar 11, 2026Updated last week
• alldbi / SmoothFool

  View on GitHub
  SmoothFool: An Efficient Framework for Computing Smooth Adversarial Perturbations
  ☆14Jan 6, 2022Updated 4 years ago
• kylemin / WOUAF

  View on GitHub
  WOUAF: Weight Modulation for User Attribution and Fingerprinting in Text-to-Image Diffusion Models (CVPR 2024)
  ☆26Jun 14, 2024Updated last year
• lilakk / PostMark

  View on GitHub
  Official repository for "PostMark: A Robust Blackbox Watermark for Large Language Models"
  ☆27Aug 30, 2024Updated last year
• HanxunH / Detect-CLIP-Backdoor-Samples

  View on GitHub
  [ICLR2025] Detecting Backdoor Samples in Contrastive Language Image Pretraining
  ☆19Feb 26, 2025Updated last year
• rmin2000 / adv_tracing

  View on GitHub
  Identification of the Adversary from a Single Adversarial Example (ICML 2023)
  ☆10Jul 15, 2024Updated last year
• SCLBD / DBD

  View on GitHub
  ☆32Mar 4, 2022Updated 4 years ago
• mtuann / backdoor-ai-resources

  View on GitHub
  Backdoor Stuff in AI/ ML domain
  ☆35Mar 7, 2026Updated last week
• RichardSunnyMeng / LatentWatermark-official-codes

  View on GitHub
  Latent Watermark: Inject and Detect Watermarks in Latent Diffusion Space
  ☆23Jan 9, 2025Updated last year
• viettmab / SA-DPM

  View on GitHub
  ☆16Jan 28, 2024Updated 2 years ago
• 117XinyuLi / DiffWA

  View on GitHub
  DiffWA: Diffusion Models for Watermark Attack
  ☆10Apr 23, 2024Updated last year
• XuankunRong / BYE

  View on GitHub
  [NeurIPS'25] Backdoor Cleaning without External Guidance in MLLM Fine-tuning
  ☆18Oct 13, 2025Updated 5 months ago