Diffence: Fencing Membership Privacy With Diffusion Models
Yuefeng Peng
Network and Distributed System Security (NDSS) Symposium 2025 · Day 3 · Membership Inference
In an era where machine learning models are increasingly deployed across sensitive domains, the privacy of training data has become a paramount concern. This talk, "Diffence: Fencing Membership Privacy With Diffusion Models," presented by Yuefeng Peng, introduces a novel defense mechanism against **Membership Inference Attacks (MIAs)**. MIAs pose a significant threat by allowing an adversary to determine whether a specific data sample was part of a model's training dataset, potentially revealing sensitive personal information. Beyond direct privacy breaches, MIAs are known to serve as stepping stones for more sophisticated attacks, such as data extraction against generative models.
AI review
Legitimate academic ML privacy research with a clean core idea — use diffusion model reconstruction as a pre-inference membership inference defense. Solid experimental coverage and a genuinely useful plug-and-play framing, but the privacy gains (AUROC 79% → 56%) are incremental rather than transformative, and the talk reads as a conference paper presentation rather than a research event.