Black-box MIA on Pre-training Data of Image-generation Models
A new study on arXiv (2605.27020) proposes a membership inference attack (MIA) method for detecting unauthorized use of human-created data in diffusion-based image generation models. Existing MIAs rely on denoising ability, which degrades for pre-training data. The new approach works in a black-box setting, requiring only access to the model's outputs, making it applicable to closed-source platforms. The research addresses copyright and privacy concerns by identifying data usage without internal model features.
Key facts
- arXiv paper 2605.27020 proposes a black-box MIA for diffusion models.
- Existing MIAs degrade on pre-training data due to less memorization.
- New method analyzes denoising behavior without internal model access.
- Aims to detect copyright and privacy infringements in image-generation models.
- Method is practical for closed-source platforms like mainstream APIs.
- Focuses on pre-training data, which is typically less exposed.
- Published on arXiv with announcement type cross.
- Addresses rapid advancement of diffusion-based image generation models.
Entities
Institutions
- arXiv