Identity-Focused Inference and Extraction Attacks on Diffusion Models
This addresses privacy concerns for individuals whose facial images might be used without consent in AI training, representing a novel extension beyond traditional attacks.
The paper tackled the problem of unauthorized use of personal data in diffusion models by introducing an identity inference framework to hold model owners accountable, achieving attack success rates up to 89% for membership inference and 92% for identity inference on facial image datasets.
The increasing reliance on diffusion models for generating synthetic images has amplified concerns about the unauthorized use of personal data, particularly facial images, in model training. In this paper, we introduce a novel identity inference framework to hold model owners accountable for including individuals' identities in their training data. Our approach moves beyond traditional membership inference attacks by focusing on identity-level inference, providing a new perspective on data privacy violations. Through comprehensive evaluations on two facial image datasets, Labeled Faces in the Wild (LFW) and CelebA, our experiments demonstrate that the proposed membership inference attack surpasses baseline methods, achieving an attack success rate of up to 89% and an AUC-ROC of 0.91, while the identity inference attack attains 92% on LDM models trained on LFW, and the data extraction attack achieves 91.6% accuracy on DDPMs, validating the effectiveness of our approach across diffusion models.