SUNY Korea Team Exposes Major Privacy Flaw in Vision Models, Accepted to ECCV 2026
AuthorComputer ScienceREG_DATE2026.07.07Hits200
Prof. François Rameau's research team has revealed a major privacy vulnerability in AI-based visual localization models. Their research paper, titled “Seeing Through the Weights: Privacy Leakage in Scene Coordinate Regression,” has been accepted to ECCV 2026, one of the world's most prestigious venues in computer vision and AI. The conference will be held in Malmö, Sweden, from September 8 to 12, 2026.
Certain neural network-based visual localization models have long been considered naturally privacy-preserving, since they encode a scene implicitly in their parameters rather than storing images or 3D maps. This work shows that this assumption does not hold: trained models can still leak sensitive information about the environments used to train them.
This research was conducted by Ph.D. student Oleksii Nasypanyi and M.S. student Jaemin Cho, under the supervision of Prof. Utku Ozbulak, Prof. Byungkon Kang, and Prof. François Rameau. The project also reflects a close collaboration within the Incheon Global Campus, bringing together researchers from SUNY Korea, Ghent University Global Campus, and George Mason University Korea.
The team shows that an attacker does not need any images of the target scene to extract information from the model. By simply feeding it random, unrelated images and collecting its outputs, they can gradually reconstruct both the structure and the appearance of the environment the model was trained on. The attack works under different levels of access to the model, from full access to more restricted settings where only its outputs are visible
By identifying this vulnerability, the research highlights the need for stronger privacy-aware design and evaluation in AI-based spatial intelligence systems.