Model Inversion Attacks: A Survey of Approaches and Countermeasures

📅 2024-11-15
🏛️ arXiv.org
📈 Citations: 9
Influential: 2
🤖 AI Summary
This paper addresses the lack of systematic, cross-modal research on model inversion attacks (MIAs) by presenting a unified survey of MIA modeling principles, optimization challenges, and defense paradigms across image, text, and graph data. It analyzes the mainstream attack and defense techniques (including gradient inversion, generative adversarial reconstruction, feature distillation, differential privacy, and adversarial training) to expose the privacy leakage risks that arise when a trained deep learning model is made accessible, whether as a white-box release or through a query interface. Key contributions are: (1) a structured knowledge framework for MIAs that spans multiple modalities; (2) identification of common limitations of existing methods in generalizability, practicality, and theoretical guarantees; and (3) a reproducible, standardized research methodology, accompanied by an open-source literature repository on GitHub. The work offers both theoretical foundations and practical guidelines for privacy-preserving machine learning research.

📝 Abstract
The success of deep neural networks has driven numerous research studies and applications from Euclidean to non-Euclidean data. However, there are increasing concerns about privacy leakage, as these networks rely on processing private data. Recently, a new type of privacy attack, the model inversion attack (MIA), has emerged that aims to extract sensitive features of the private training data by abusing access to a well-trained model. The effectiveness of MIAs has been demonstrated in various domains, including images, texts, and graphs. These attacks highlight the vulnerability of neural networks and raise awareness of the risk of privacy leakage within the research community. Despite their significance, there is a lack of systematic studies that provide a comprehensive overview and deeper insights into MIAs across different domains. This survey aims to summarize up-to-date MIA methods, both attacks and defenses, highlighting their contributions and limitations, underlying modeling principles, optimization challenges, and future directions. We hope this survey bridges the gap in the literature and facilitates future research in this critical area. In addition, we maintain a repository to keep track of relevant research at https://github.com/AndrewZhou924/Awesome-model-inversion-attack.
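To make the attack described in the abstract concrete, the following is an added example written for this page; it is not code from the surveyed paper or from its GitHub repository. It trains a small logistic-regression classifier on constructed two-class data, then, with nothing but black-box confidence queries, reconstructs a representative class-1 input by gradient ascent (central finite differences for the gradient, an L2 penalty to keep the reconstruction bounded). The same attacker is then run against an API that rounds the confidence to one decimal, the countermeasure proposed in the early confidence-exploiting MIA literature (Fredrikson et al., 2015). The data, the prototype `MU`, and the functions `make_data`, `train`, `invert` and `run_demo` are all assumptions constructed for the demonstration.

```python
"""Toy model inversion attack against a confidence-returning classifier.

Added example for this page; not code from the surveyed paper. Everything
below (data, model, attacker) is constructed for illustration.
"""
import math
import random

D = 8                                               # feature dimension (constructed)
MU = [0.8, -0.5, 0.6, 0.3, -0.7, 0.4, -0.2, 0.9]    # constructed class-1 prototype; class 0 is -MU


def make_data(n=200, noise=0.5):
    """Constructed training set: two symmetric Gaussian clusters around +MU and -MU."""
    xs, ys = [], []
    for i in range(n):
        y = i % 2
        sign = 1.0 if y == 1 else -1.0
        xs.append([sign * m + random.gauss(0.0, noise) for m in MU])
        ys.append(y)
    return xs, ys


def sigmoid(z):
    # numerically stable in both tails
    if z >= 0.0:
        return 1.0 / (1.0 + math.exp(-z))
    ez = math.exp(z)
    return ez / (1.0 + ez)


def train(xs, ys, epochs=200, lr=0.1):
    """Batch gradient descent on the logistic loss (no intercept; data are symmetric)."""
    w = [0.0] * D
    for _ in range(epochs):
        grad = [0.0] * D
        for x, y in zip(xs, ys):
            err = sigmoid(sum(wi * xi for wi, xi in zip(w, x))) - y
            for j in range(D):
                grad[j] += err * x[j]
        for j in range(D):
            w[j] -= lr * grad[j] / len(xs)
    return w


def confidence(w, x):
    """The deployed model's API: P(class 1 | x)."""
    return sigmoid(sum(wi * xi for wi, xi in zip(w, x)))


def invert(query, steps=100, lr=0.5, eps=1e-3, l2=0.05):
    """Black-box inversion: maximise query(x) - (l2/2)*|x|^2 using only the
    confidence the API returns. Gradients come from central finite
    differences, so each step costs 2*D queries."""
    x = [0.0] * D
    for _ in range(steps):
        grad = []
        for j in range(D):
            xp, xm = x[:], x[:]
            xp[j] += eps
            xm[j] -= eps
            grad.append((query(xp) - query(xm)) / (2.0 * eps))
        for j in range(D):
            x[j] += lr * (grad[j] - l2 * x[j])
    return x


def cosine(a, b):
    na = math.sqrt(sum(v * v for v in a))
    nb = math.sqrt(sum(v * v for v in b))
    if na == 0.0 or nb == 0.0:
        return 0.0
    return sum(p * q for p, q in zip(a, b)) / (na * nb)


def run_demo():
    random.seed(7)
    xs, ys = make_data()
    w = train(xs, ys)
    # Undefended: the API hands back full-precision confidence scores.
    x_att = invert(lambda x: confidence(w, x))
    # Defended: the API rounds confidence to one decimal, so the attacker's
    # tiny probes return identical values and the finite-difference gradient vanishes.
    x_def = invert(lambda x: round(confidence(w, x), 1))
    return {
        "cos_undefended": cosine(x_att, MU),                 # reconstruction vs. true class-1 prototype
        "cos_to_other_class": cosine(x_att, [-m for m in MU]),
        "norm_defended": math.sqrt(sum(v * v for v in x_def)),
    }


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v:.3f}")
```

The undefended reconstruction lines up with the class-1 training prototype, which is the leakage the abstract refers to: the attacker never saw a training sample, only the model's outputs. Rounding starves this particular attacker because it estimates gradients from differences between near-identical queries; it raises the cost rather than closing the channel, since the survey covers label-only and generative attacks that do not rely on fine-grained confidence at all.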
Problem

Research questions and friction points this paper is trying to address.

Surveying model inversion attacks across multiple data domains
Analyzing privacy leakage risks from trained neural network models
Summarizing attack methods and defense strategies against MIAs
Innovation

Methods, ideas, or system contributions that make the work stand out.

Surveyed model inversion attack methods and defenses
Analyzed optimization challenges and modeling principles
Provided systematic overview across multiple data domains