You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Recorded arXiv 2605.19170 as same-family HOLD paper context under the existing MIAHOLD/HOLD++ gate; no new artifact surface, download, GPU sidecar, or Platform/Runtime row is selected.
| GitHub releases | none observed for either repository |
34
+
| 2026-05-25 related arXiv refresh | arXiv `2605.19170` / `Reducing Diffusion Model Memorization with Higher Order Langevin Dynamics` is same-family HOLD / higher-order Langevin memorization-mitigation context by Benjamin Sterling, Monica F. Bugallo, and Tom Tirer. Its PDF and source are public, but exact-title, arXiv-id, and phrase GitHub repository searches returned no official repository, and code search found only unrelated course/index JSON entries. |
33
35
34
36
## Public Evidence Checked
35
37
@@ -46,6 +48,7 @@ generated sample packet, or score output was downloaded or executed.
46
48
|`MIAHOLDCIFAR/pia.py`| Implements a HOLD-style proximal inference attack: it collects train/validation images, assigns member/nonmember labels, computes ROC arrays in memory, prints `AUC = ...`, and logs `val/AUROC` to W&B. The code comments out saving ROC arrays as artifacts. |
47
49
|`MIAHOLDCIFAR/log2.err` / `log2.out` / `nohup.out`| Show a local CUDA training attempt and argument errors. They do not contain a final replayable AUROC board, strict-tail metrics, score arrays, checkpoints, or artifact hashes. |
48
50
| Recursive trees | Outside toy/model/logs and split text files, no committed `.npz`, `.npy`, `.h5`, `.hdf5`, score CSV, metric JSON, ROC artifact, or model-checkpoint-bound MIA packet was found. |
51
+
| arXiv `2605.19170` live refresh | The paper-source surface is useful mechanism context for why HOLD may reduce memorization, but it does not add target checkpoints, member/nonmember manifests, generated packets, score rows, ROC arrays, metric JSON, verifier output, or official code beyond the already-gated MIAHOLD repositories. |
Copy file name to clipboardExpand all lines: docs/evidence/reproduction-status.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -61,7 +61,7 @@ Smoke tests and dry runs are engineering validation, not benchmark claims.
61
61
| DurMI TTS duration-loss MIA |`hold-cross-modal-watch-plus`| OpenReview `NvHFk2D2g3` / Zenodo `10.5281/zenodo.15474571` is a strong cross-modal watch-plus artifact: the public supplement ships GradTTS/WaveGrad2/VoiceFlow attack code and a GradTTS LJSpeech `5,977 / 5,977` exact split, while Zenodo exposes open metadata for dataset archives and checkpoints. It is not executable in the current image/latent-image cycle because the release does not ship reusable duration-loss score arrays, ROC arrays, metric JSON, generated result graphs, or a TTS/audio consumer-boundary decision. No dataset/checkpoint download or GPU release. See [durmi-tts-artifact-gate-20260515.md](durmi-tts-artifact-gate-20260515.md). |
62
62
| DualMD / DistillMD disjoint-split defense |`hold-defense-watch-plus`| OpenReview `PjIe6IesEm` ships the `DDMD/` supplementary code tree with DDPM/LDM training, disjoint teacher, distillation, PIA/SecMIA, black-box attack, DDPM split-index files, and FID stats. The embedded Git origin `btr13010/DDMD` is not public, and the supplement does not ship frozen checkpoints, defended/undefended score rows, ROC arrays, metric JSON, generated responses, or a ready verifier. No SharePoint Pokemon payload, Stable Diffusion weight, CIFAR/STL/Tiny-ImageNet dataset download, training, GPU release, or admitted defense row. See [dualmd-distillmd-defense-artifact-gate-20260515.md](dualmd-distillmd-defense-artifact-gate-20260515.md). |
63
63
| DIFFENCE classifier defense |`hold-defense-watch-plus`| Official `SPIN-UMass/Diffence` is code-public and commits configs plus small split-index files, but the protected target is an image classifier and diffusion is only a pre-inference defense component. The release depends on Google Drive classifier/diffusion checkpoints and local result generation, and it commits no defended/undefended logits, score rows, ROC arrays, metric JSON, or ready verifier. No checkpoint/data download, classifier/diffusion training, MIA script run, GPU release, or admitted defense row. See [diffence-classifier-defense-artifact-gate-20260515.md](diffence-classifier-defense-artifact-gate-20260515.md). |
64
-
| MIAHOLD / HOLD++ higher-order Langevin defense |`hold-defense-watch-plus`| Official `bensterl15/MIAHOLD` and `bensterl15/MIAHOLDCIFAR` are code-public and expose a real higher-order Langevin defense path, audio split filelists, a CIFAR HOLD config, and PIA-style attack code. They do not ship checkpoint-bound target artifacts, reusable member/nonmember scores, ROC arrays, metric JSON, or ready verifier outputs; AUROC is printed/logged only after execution. No Google Drive checkpoint/data download, W&B scraping, training, GPU release, or admitted defense row. See [miahold-higher-order-langevin-artifact-gate-20260515.md](miahold-higher-order-langevin-artifact-gate-20260515.md). |
64
+
| MIAHOLD / HOLD++ higher-order Langevin defense |`hold-defense-watch-plus`| Official `bensterl15/MIAHOLD` and `bensterl15/MIAHOLDCIFAR` are code-public and expose a real higher-order Langevin defense path, audio split filelists, a CIFAR HOLD config, and PIA-style attack code. They do not ship checkpoint-bound target artifacts, reusable member/nonmember scores, ROC arrays, metric JSON, or ready verifier outputs; AUROC is printed/logged only after execution. The 2026-05-25 arXiv `2605.19170` refresh adds same-family HOLD memorization-mitigation paper context, but GitHub searches found no official repository or code/artifact release for that paper. No Google Drive checkpoint/data download, W&B scraping, training, GPU release, or admitted defense row. See [miahold-higher-order-langevin-artifact-gate-20260515.md](miahold-higher-order-langevin-artifact-gate-20260515.md). |
65
65
| VAE2Diffusion latent-space inversion |`hold-membership-blocked`|`mx-ethan-rao/VAE2Diffusion` is code-public and implements a distinct decoder-geometry / latent-dimension filtering line for LDM membership inference, but the README split/checkpoint link is empty, GitHub releases are absent, the recursive tree has no split, checkpoint, score, ROC, metric, response, or verifier artifact blobs, and scripts point to author-local paths requiring training/fine-tuning and pullback/per-dim cache generation. No dataset/model/checkpoint/cache download, GPU release, or admitted row. See [vae2diffusion-latent-space-inversion-gate-20260515.md](vae2diffusion-latent-space-inversion-gate-20260515.md). |
66
66
| Score-based `SimA` official release |`hold-split-manifest-only`|`mx-ethan-rao/SimA` is code-public and implements a distinct denoiser-output score-norm attack across DDPM, Guided Diffusion, LDM, SD1.4, and SD1.5 scripts, but the release has empty split/checkpoint links, no GitHub release assets, no non-vendor split manifests, no checkpoints, no score arrays, no ROC/metric artifacts, and no ready verifier packet. No download or GPU release. See [sima-scorebased-artifact-gate-20260515.md](sima-scorebased-artifact-gate-20260515.md). |
67
67
| Diffusion memorization reference |`hold-semantic-shift`|`YuxinWenRick/diffusion_memorization` is an ICLR 2024 memorization detection/mitigation reference with a public `500`-row `sdv1_500_memorized.jsonl` prompt manifest, but it is not a ready per-sample MIA packet. The ground-truth image archive is `2.60G`, `CompVis/stable-diffusion-v1-4` is not locally cached, and the repo does not ship exact member/nonmember MIA splits, generated response/noise-track packets, score JSON, ROC CSVs, or low-FPR metric artifacts. No download or GPU release. See [diffusion-memorization-asset-gate-20260515.md](diffusion-memorization-asset-gate-20260515.md). |
Copy file name to clipboardExpand all lines: workspaces/implementation/challenger-queue.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -52,7 +52,7 @@ timeline. Historical run IDs and dated notes are in `legacy/`.
52
52
| Quantile Diffusion MIA SecMI `t_error` replay | gray-box / Lane A-B | candidate-support-only | third-party public CIFAR10/CIFAR100 SecMI-style score rows and split manifests replay from committed files with positive AUC | not official Quantile Regression paper output; same-family SecMI support only; no admitted-row consumer contract | keep as support evidence only; do not clone full repo, download DDPM/CIFAR/SharePoint assets, train, fit quantile models, or release GPU |
53
53
| DualMD / DistillMD disjoint-split defense | defense / Lane A-B | defense watch-plus | OpenReview DDMD supplement exposes DDPM/LDM defense code, DDPM split-index files, and FID stats | embedded GitHub origin is not public; no checkpoint-bound defended/undefended scores, ROC arrays, metric JSON, generated response packets, or ready verifier are released | keep as defense watch-plus only; do not download SharePoint Pokemon, Stable Diffusion, CIFAR/STL/Tiny-ImageNet assets, train, run attack scripts, or release GPU |
54
54
| DIFFENCE classifier defense | defense / Lane A-B | defense watch-plus | official repo plus Zenodo `10.5281/zenodo.13706131` snapshot expose code, configs, and split-index files | protected target is an image classifier, diffusion is only a pre-inference defense component, and no checkpoint-bound defended/undefended logits, score rows, ROC arrays, metric JSON, or ready verifier are committed | keep as classifier-defense watch-plus only; do not download Google Drive checkpoints/datasets, train, run MIA scripts, or release GPU |
55
-
| MIAHOLD / HOLD++ higher-order Langevin defense | defense / Lane A-B | defense watch-plus | official MIAHOLD repos expose higher-order Langevin defense code, audio split filelists, a CIFAR HOLD config, and PIA-style attack code| no checkpoint-bound target artifact, reusable score rows, ROC arrays, metric JSON, generated responses, or ready verifier| keep as defense watch-plus only; do not download Google Drive checkpoints/datasets, scrape W&B, train HOLD++ models, or release GPU |
55
+
| MIAHOLD / HOLD++ higher-order Langevin defense | defense / Lane A-B | defense watch-plus | official MIAHOLD repos expose higher-order Langevin defense code, audio split filelists, a CIFAR HOLD config, and PIA-style attack code; arXiv `2605.19170` adds same-family HOLD memorization-mitigation paper context | no checkpoint-bound target artifact, reusable score rows, ROC arrays, metric JSON, generated responses, ready verifier, or new official code/artifact release for `2605.19170`| keep as defense watch-plus only; do not download Google Drive checkpoints/datasets, scrape W&B, train HOLD++ models, implement from the new paper, or release GPU |
56
56
| MT-MIA relational diffusion score packet | intake / Lane A | relational-tabular support-only | official `joshward96/MT-MIA` repo exposes multi-table member/nonmember/reference splits, pre-generated ClavaDDPM and RelDiff synthetic outputs, and `18` MT-MIA score/metric JSONL packets | outside current image/latent Platform/Runtime boundary; packets lack row-ID-bound score manifests and no relational-tabular consumer schema exists | keep as Research-only support evidence; do not download raw/synthetic data, full repo, or training assets, regenerate RelDiff, release GPU, or promote Platform/Runtime rows |
57
57
| VAE2Diffusion latent-space inversion | gray-box / Lane A | code-public latent-space MIA watch-plus | official `mx-ethan-rao/VAE2Diffusion` repo exposes decoder-geometry / latent-dimension filtering code and LDM/SD scripts; arXiv source claims public splits/checkpoints | README split/checkpoint link is empty; no GitHub releases; recursive tree has no split/checkpoint/score/ROC/metric/response/verifier artifacts; scripts require author-local paths and from-scratch training/fine-tuning/cache generation | keep as latent-space mechanism watch; do not download datasets/models/checkpoints/caches, train/fine-tune, run SimA/PFAMI/PIA variants, release GPU, or promote Platform/Runtime rows |
58
58
| DCR copying / replication | intake / Lane A | copying/memorization semantic-shift watch-plus | official `somepago/DCR` repo exposes diffusion replication/copying code, retrieval/similarity scripts, metric helpers, and a committed LAION caption manifest | README LAION-10k Drive split link returns `404`; claim is copying rather than per-sample MIA; no immutable member/nonmember MIA split, target checkpoint, generated response package, score rows, ROC arrays, metric JSON, or ready verifier | keep as copying/privacy watch only; do not download LAION/Drive/model assets, fine-tune, infer, run retrieval, release GPU, or promote Platform/Runtime rows |
0 commit comments