Towards Black-Box Membership Inference Attack for Diffusion Models

Add code
May 25, 2024
Jingwei Li, Jing Dong, Tianxing He, Jingzhao Zhang
Figure 1 for Towards Black-Box Membership Inference Attack for Diffusion Models
Figure 2 for Towards Black-Box Membership Inference Attack for Diffusion Models
Figure 3 for Towards Black-Box Membership Inference Attack for Diffusion Models
Figure 4 for Towards Black-Box Membership Inference Attack for Diffusion Models

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Identifying whether an artwork was used to train a diffusion model is an important research topic, given the rising popularity of AI-generated art and the associated copyright concerns. The work approaches this problem from the membership inference attack (MIA) perspective. We first identify the limitations of applying existing MIA methods for copyright protection: the required access of internal U-nets and the choice of non-member datasets for evaluation. To address the above problems, we introduce a novel black-box membership inference attack method that operates without needing access to the model's internal U-net. We then construct a DALL-E generated dataset for a more comprehensive evaluation. We validate our method across various setups, and our experimental results outperform previous works.

View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon