In recent years, diffusion models have achieved tremendous success in the field of image generation, becoming the stateof-the-art technology for AI-based image processing applications. Despite the numerous benefits brought by recent advances in diffusion models, there are also concerns about their potential misuse, specifically in terms of privacy breaches and intellectual property infringement. In particular, some of their unique characteristics open up new attack surfaces when considering the real-world deployment of such models. With a thorough investigation of the attack vectors, we develop a systematic analysis of membership inference attacks on diffusion models and propose novel attack methods tailored to each attack scenario specifically relevant to diffusion models. Our approach exploits easily obtainable quantities and is highly effective, achieving near-perfect attack performance (>0.9 AUCROC) in realistic scenarios. Our extensive experiments demonstrate the effectiveness of our method, highlighting the importance of considering privacy and intellectual property risks when using diffusion models in image generation tasks.

翻译：近年来，扩散模型在图像生成领域取得了巨大成功，成为人工智能图像处理应用中的最先进技术。尽管扩散模型的最新进展带来了诸多益处，但也引发了对其潜在滥用的担忧，特别是在隐私泄露和知识产权侵犯方面。尤其值得注意的是，这些模型的一些独特特性在考虑其实际部署时开辟了新的攻击面。通过对攻击向量的深入研究，我们对扩散模型上的成员推理攻击进行了系统性分析，并针对每个与扩散模型特别相关的攻击场景提出了新颖的攻击方法。我们的方法利用了易于获取的量，且具有高效性，在现实场景中实现了近乎完美的攻击性能（AUCROC > 0.9）。广泛的实验证明了我们方法的有效性，突显了在图像生成任务中使用扩散模型时考虑隐私和知识产权风险的重要性。