Deep Learning Model Inversion Attacks and Defenses: A Comprehensive Survey

TL;DR

This survey provides a comprehensive review of model inversion attacks in deep learning, categorizing attack methods, defense strategies, and discussing future challenges, while also offering a research repository for ongoing studies.

Contribution

It offers a systematic taxonomy of MI attacks, analyzes defense mechanisms, and introduces a maintained research repository to support future work in AI privacy and security.

Findings

Extensive taxonomy of MI attacks and defenses.

Identification of key challenges and research gaps.

Provision of a comprehensive research repository.

Abstract

The rapid adoption of deep learning in sensitive domains has brought tremendous benefits. However, this widespread adoption has also given rise to serious vulnerabilities, particularly model inversion (MI) attacks, posing a significant threat to the privacy and integrity of personal data. The increasing prevalence of these attacks in applications such as biometrics, healthcare, and finance has created an urgent need to understand their mechanisms, impacts, and defense methods. This survey aims to fill the gap in the literature by providing a structured and in-depth review of MI attacks and defense strategies. Our contributions include a systematic taxonomy of MI attacks, extensive research on attack techniques and defense mechanisms, and a discussion about the challenges and future research directions in this evolving field. By exploring the technical and ethical implications of MI attacks, this survey aims to offer insights into the impact of AI-powered systems on privacy, security, and trust. In conjunction with this survey, we have developed a comprehensive repository to support research on MI attacks and defenses. The repository includes state-of-the-art research papers, datasets, evaluation metrics, and other resources to meet the needs of both novice and experienced researchers interested in MI attacks and defenses, as well as the broader field of AI security and privacy. The repository will be continuously maintained to ensure its relevance and utility. It is accessible at https://github.com/overgter/Deep-Learning-Model-Inversion-Attacks-and-Defenses.