Facial Memorization of Diffusion Model

Recently, diffusion models have emerged as the dominant methodology employed in image generation. Nevertheless, several studies have demonstrated the capacity of diffusion models to memorize training datasets. This capacity gives rise to considerable concerns regarding the security and privacy of users. It is, therefore, crucial to develop effective methods for detecting and defending against memorization. Existing work suffers from several problems, including unreasonable motivations, ambiguous definitions of memorization, and impractical experimental setups. These problems can be addressed by focusing on facial memorization. In this work, we propose a novel detection method to identify facial memorization within generated images. Our approach categorizes generated images of a target diffusion model into memorized and non-memorized groups. In practice, our method could be utilized by developers to assess their developed diffusion models and to determine whether a specific generation is a memorized generation. We then evaluate our method using a range of metrics, including True Positive Rates (TPRs) at fixed False Positive Rates (FPRs). The experimental results demonstrate that our method achieves high accuracy under specific conditions. Finally, we present a robust framework for addressing privacy issues in diffusion models and suggest avenues for future research.