{"id":"https://openalex.org/W7138377818","doi":"https://doi.org/10.1609/aaai.v40i10.37743","title":"Enhanced Privacy Leakage from Noise-Perturbed Gradients via Gradient-Guided Conditional Diffusion Models","display_name":"Enhanced Privacy Leakage from Noise-Perturbed Gradients via Gradient-Guided Conditional Diffusion Models","publication_year":2026,"publication_date":"2026-03-14","ids":{"openalex":"https://openalex.org/W7138377818","doi":"https://doi.org/10.1609/aaai.v40i10.37743"},"language":null,"primary_location":{"id":"doi:10.1609/aaai.v40i10.37743","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i10.37743","pdf_url":null,"source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.1609/aaai.v40i10.37743","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5129734977","display_name":"Jiayang Meng","orcid":null},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jiayang Meng","raw_affiliation_strings":["Renmin University of China"],"affiliations":[{"raw_affiliation_string":"Renmin University of China","institution_ids":["https://openalex.org/I78988378"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129702704","display_name":"Tao Huang","orcid":null},"institutions":[{"id":"https://openalex.org/I354108","display_name":"Minjiang University","ror":"https://ror.org/00s7tkw17","country_code":"CN","type":"education","lineage":["https://openalex.org/I354108"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tao Huang","raw_affiliation_strings":["Minjiang University"],"affiliations":[{"raw_affiliation_string":"Minjiang University","institution_ids":["https://openalex.org/I354108"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129669578","display_name":"Hong Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hong Chen","raw_affiliation_strings":["Renmin University of China"],"affiliations":[{"raw_affiliation_string":"Renmin University of China","institution_ids":["https://openalex.org/I78988378"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129685199","display_name":"Chen Hou","orcid":null},"institutions":[{"id":"https://openalex.org/I354108","display_name":"Minjiang University","ror":"https://ror.org/00s7tkw17","country_code":"CN","type":"education","lineage":["https://openalex.org/I354108"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chen Hou","raw_affiliation_strings":["Minjiang University"],"affiliations":[{"raw_affiliation_string":"Minjiang University","institution_ids":["https://openalex.org/I354108"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5026055653","display_name":"Guolong Zheng","orcid":"https://orcid.org/0000-0002-1996-2635"},"institutions":[{"id":"https://openalex.org/I354108","display_name":"Minjiang University","ror":"https://ror.org/00s7tkw17","country_code":"CN","type":"education","lineage":["https://openalex.org/I354108"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Guolong Zheng","raw_affiliation_strings":["Minjiang University"],"affiliations":[{"raw_affiliation_string":"Minjiang University","institution_ids":["https://openalex.org/I354108"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5129734977"],"corresponding_institution_ids":["https://openalex.org/I78988378"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.59314775,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"40","issue":"10","first_page":"7981","last_page":"7989"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.6453999876976013,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.6453999876976013,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.26440000534057617,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11612","display_name":"Stochastic Gradient Optimization Techniques","score":0.010999999940395355,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/noise","display_name":"Noise (video)","score":0.5206000208854675},{"id":"https://openalex.org/keywords/convergence","display_name":"Convergence (economics)","score":0.5041999816894531},{"id":"https://openalex.org/keywords/leakage","display_name":"Leakage (economics)","score":0.5019000172615051},{"id":"https://openalex.org/keywords/gaussian-noise","display_name":"Gaussian noise","score":0.47679999470710754},{"id":"https://openalex.org/keywords/noise-reduction","display_name":"Noise reduction","score":0.43970000743865967},{"id":"https://openalex.org/keywords/gaussian","display_name":"Gaussian","score":0.43779999017715454},{"id":"https://openalex.org/keywords/diffusion","display_name":"Diffusion","score":0.41130000352859497},{"id":"https://openalex.org/keywords/data-transmission","display_name":"Data transmission","score":0.3880999982357025},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.3878999948501587}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6948999762535095},{"id":"https://openalex.org/C99498987","wikidata":"https://www.wikidata.org/wiki/Q2210247","display_name":"Noise (video)","level":3,"score":0.5206000208854675},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.5182999968528748},{"id":"https://openalex.org/C2777303404","wikidata":"https://www.wikidata.org/wiki/Q759757","display_name":"Convergence (economics)","level":2,"score":0.5041999816894531},{"id":"https://openalex.org/C2777042071","wikidata":"https://www.wikidata.org/wiki/Q6509304","display_name":"Leakage (economics)","level":2,"score":0.5019000172615051},{"id":"https://openalex.org/C4199805","wikidata":"https://www.wikidata.org/wiki/Q2725903","display_name":"Gaussian noise","level":2,"score":0.47679999470710754},{"id":"https://openalex.org/C163294075","wikidata":"https://www.wikidata.org/wiki/Q581861","display_name":"Noise reduction","level":2,"score":0.43970000743865967},{"id":"https://openalex.org/C163716315","wikidata":"https://www.wikidata.org/wiki/Q901177","display_name":"Gaussian","level":2,"score":0.43779999017715454},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.42260000109672546},{"id":"https://openalex.org/C69357855","wikidata":"https://www.wikidata.org/wiki/Q163214","display_name":"Diffusion","level":2,"score":0.41130000352859497},{"id":"https://openalex.org/C557945733","wikidata":"https://www.wikidata.org/wiki/Q389772","display_name":"Data transmission","level":2,"score":0.3880999982357025},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.3878999948501587},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.38679999113082886},{"id":"https://openalex.org/C1893757","wikidata":"https://www.wikidata.org/wiki/Q3653001","display_name":"Inversion (geology)","level":3,"score":0.3693000078201294},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.361299991607666},{"id":"https://openalex.org/C761482","wikidata":"https://www.wikidata.org/wiki/Q118093","display_name":"Transmission (telecommunications)","level":2,"score":0.35600000619888306},{"id":"https://openalex.org/C29265498","wikidata":"https://www.wikidata.org/wiki/Q7047719","display_name":"Noise measurement","level":3,"score":0.3472000062465668},{"id":"https://openalex.org/C153258448","wikidata":"https://www.wikidata.org/wiki/Q1199743","display_name":"Gradient descent","level":3,"score":0.33059999346733093},{"id":"https://openalex.org/C175291020","wikidata":"https://www.wikidata.org/wiki/Q1156822","display_name":"Offset (computer science)","level":2,"score":0.32499998807907104},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.30880001187324524},{"id":"https://openalex.org/C160920958","wikidata":"https://www.wikidata.org/wiki/Q7662746","display_name":"Synthetic data","level":2,"score":0.2856000065803528},{"id":"https://openalex.org/C61326573","wikidata":"https://www.wikidata.org/wiki/Q1496376","display_name":"Gaussian process","level":3,"score":0.26969999074935913},{"id":"https://openalex.org/C2986577269","wikidata":"https://www.wikidata.org/wiki/Q11306265","display_name":"Random noise","level":2,"score":0.2667999863624573},{"id":"https://openalex.org/C31972630","wikidata":"https://www.wikidata.org/wiki/Q844240","display_name":"Computer vision","level":1,"score":0.2648000121116638},{"id":"https://openalex.org/C2780909371","wikidata":"https://www.wikidata.org/wiki/Q4801092","display_name":"Artificial noise","level":4,"score":0.2614000141620636},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.26010000705718994},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.2581000030040741},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.2574000060558319},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.2554999887943268},{"id":"https://openalex.org/C2781170535","wikidata":"https://www.wikidata.org/wiki/Q30587856","display_name":"Noisy data","level":2,"score":0.2508000135421753}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1609/aaai.v40i10.37743","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i10.37743","pdf_url":null,"source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1609/aaai.v40i10.37743","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i10.37743","pdf_url":null,"source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Federated":[0],"learning":[1],"synchronizes":[2],"models":[3,51,76],"through":[4],"gradient":[5,25],"transmission":[6],"and":[7,104,121,139],"aggregation.":[8],"However,":[9],"these":[10],"gradients":[11,35],"pose":[12],"significant":[13],"privacy":[14],"risks,":[15],"as":[16,118],"sensitive":[17],"training":[18],"data":[19,65],"is":[20],"embedded":[21],"within":[22],"them.":[23],"Existing":[24],"inversion":[26],"attacks":[27],"suffer":[28],"from":[29,56],"significantly":[30],"degraded":[31],"reconstruction":[32,101,125,133],"performance":[33,89,134],"when":[34],"are":[36],"perturbed":[37],"by":[38,83],"noise-a":[39],"common":[40],"defense":[41],"mechanism.":[42],"In":[43],"this":[44],"paper,":[45],"we":[46],"introduce":[47],"gradient-guided":[48],"conditional":[49],"diffusion":[50,75],"for":[52],"reconstructing":[53],"private":[54],"images":[55],"leaked":[57],"gradients,":[58,138],"without":[59],"prior":[60],"knowledge":[61],"of":[62,74,99,108,115],"the":[63,70,79,100,105,109,113],"target":[64],"distribution.":[66],"Our":[67],"approach":[68],"leverages":[69],"inherent":[71],"denoising":[72],"capability":[73],"to":[77],"circumvent":[78],"partial":[80],"protection":[81],"offered":[82],"noise":[84,119],"perturbation,":[85],"thereby":[86],"improving":[87],"attack":[88,110],"under":[90],"such":[91],"defenses.":[92],"We":[93],"further":[94],"provide":[95],"a":[96],"theoretical":[97,142],"analysis":[98],"error":[102],"bounds":[103],"convergence":[106],"properties":[107],"loss,":[111],"characterizing":[112],"impact":[114],"key":[116],"factors\u2014such":[117],"magnitude":[120],"attacked":[122],"model":[123],"architecture\u2014on":[124],"quality.":[126],"Extensive":[127],"experiments":[128],"demonstrate":[129],"our":[130,141],"attack's":[131],"superior":[132],"with":[135],"Gaussian":[136],"noise-perturbed":[137],"confirm":[140],"findings.":[143]},"counts_by_year":[],"updated_date":"2026-03-20T20:47:17.329874","created_date":"2026-03-18T00:00:00"}