In recent years, diffusion models have achieved tremendous success in the field of image generation, becoming the stateof-the-art technology for AI-based image processing applications. Despite the numerous benefits brought by recent advances in diffusion models, there are also concerns about their potential misuse, specifically in terms of privacy breaches and intellectual property infringement. In particular, some of their unique characteristics open up new attack surfaces when considering the real-world deployment of such models. With a thorough investigation of the attack vectors, we develop a systematic analysis of membership inference attacks on diffusion models and propose novel attack methods tailored to each attack scenario specifically relevant to diffusion models. Our approach exploits easily obtainable quantities and is highly effective, achieving near-perfect attack performance (>0.9 AUCROC) in realistic scenarios. Our extensive experiments demonstrate the effectiveness of our method, highlighting the importance of considering privacy and intellectual property risks when using diffusion models in image generation tasks.

翻译：近年来，扩散模型在图像生成领域取得了巨大成功，成为基于人工智能的图像处理应用中最先进的技术。尽管扩散模型的最新进展带来了诸多益处，但也引发了对其潜在滥用的担忧，特别是在隐私泄露和知识产权侵权方面。尤其值得注意的是，这些模型的一些独特特征在其实践部署中开辟了新的攻击面。通过对攻击向量的深入研究，我们系统分析了针对扩散模型的成员推理攻击，并针对扩散模型特有的每种攻击场景提出了新颖的攻击方法。我们的方法利用了易于获取的量，且高效实用，在现实场景中实现了近乎完美的攻击性能（AUC-ROC > 0.9）。大量实验证明了我们方法的有效性，并强调了在图像生成任务中使用扩散模型时，考虑隐私与知识产权风险的重要性。