Set-Membership Inference Attacks using Data Watermarking

Mike Laszkiewicz; Denis Lukovnikov; Johannes Lederer; Asja Fischer

arXiv:2307.15067·cs.CV·July 31, 2023

Set-Membership Inference Attacks using Data Watermarking

Mike Laszkiewicz, Denis Lukovnikov, Johannes Lederer, Asja Fischer

PDF

Open Access

TL;DR

This paper introduces a set-membership inference attack leveraging deep image watermarking to detect unauthorized use of training data in generative models, demonstrating its effectiveness through empirical results.

Contribution

It presents a novel watermarking-based inference attack method for generative models, enabling detection of non-consensual data usage.

Findings

01

Watermarking can reveal training data in generative models

02

The method effectively detects unauthorized data use

03

Empirical results validate the approach

Abstract

In this work, we propose a set-membership inference attack for generative models using deep image watermarking techniques. In particular, we demonstrate how conditional sampling from a generative model can reveal the watermark that was injected into parts of the training data. Our empirical results demonstrate that the proposed watermarking technique is a principled approach for detecting the non-consensual use of image data in training generative models.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAdversarial Robustness in Machine Learning · Digital Media Forensic Detection · Advanced Steganography and Watermarking Techniques