{"id":"https://openalex.org/W4413318822","doi":"https://doi.org/10.1109/tdsc.2025.3600224","title":"GAMC: Generic and Anti-MDA Model Certification for Intellectual Property Protection in MLaaS","display_name":"GAMC: Generic and Anti-MDA Model Certification for Intellectual Property Protection in MLaaS","publication_year":2025,"publication_date":"2025-08-19","ids":{"openalex":"https://openalex.org/W4413318822","doi":"https://doi.org/10.1109/tdsc.2025.3600224"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2025.3600224","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3600224","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5017362771","display_name":"Xiaohan Hao","orcid":"https://orcid.org/0000-0002-4770-7084"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Xiaohan Hao","raw_affiliation_strings":["Artificial Intelligence Thrust, Information Hub, Hong Kong University of Science and Technology (Guangzhou), Guangzhou, China"],"raw_orcid":"https://orcid.org/0000-0002-4770-7084","affiliations":[{"raw_affiliation_string":"Artificial Intelligence Thrust, Information Hub, Hong Kong University of Science and Technology (Guangzhou), Guangzhou, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037642352","display_name":"Chao Lin","orcid":"https://orcid.org/0000-0002-0101-8531"},"institutions":[{"id":"https://openalex.org/I111753288","display_name":"Fujian Normal University","ror":"https://ror.org/020azk594","country_code":"CN","type":"education","lineage":["https://openalex.org/I111753288"]},{"id":"https://openalex.org/I9842412","display_name":"Nanjing University of Aeronautics and Astronautics","ror":"https://ror.org/01scyh794","country_code":"CN","type":"education","lineage":["https://openalex.org/I9842412"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chao Lin","raw_affiliation_strings":["College of Computer Science and Technology, College of Software, Nanjing University of Aeronautics and Astronautics, Fuzhou, China","Fujian Provincial Key Laboratory of Network Security and Cryptology, College of Computer and Cyber Security, Fujian Normal University, Fuzhou, China"],"raw_orcid":"https://orcid.org/0000-0002-0101-8531","affiliations":[{"raw_affiliation_string":"College of Computer Science and Technology, College of Software, Nanjing University of Aeronautics and Astronautics, Fuzhou, China","institution_ids":["https://openalex.org/I9842412"]},{"raw_affiliation_string":"Fujian Provincial Key Laboratory of Network Security and Cryptology, College of Computer and Cyber Security, Fujian Normal University, Fuzhou, China","institution_ids":["https://openalex.org/I111753288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101447670","display_name":"Xuan He","orcid":"https://orcid.org/0000-0003-0725-3388"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xuan He","raw_affiliation_strings":["Artificial Intelligence Thrust, Information Hub, Hong Kong University of Science and Technology (Guangzhou), Guangzhou, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Artificial Intelligence Thrust, Information Hub, Hong Kong University of Science and Technology (Guangzhou), Guangzhou, China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031931063","display_name":"Xinyi Huang","orcid":"https://orcid.org/0000-0003-0070-1707"},"institutions":[{"id":"https://openalex.org/I159948400","display_name":"Jinan University","ror":"https://ror.org/02xe5ns62","country_code":"CN","type":"education","lineage":["https://openalex.org/I159948400"]},{"id":"https://openalex.org/I9842412","display_name":"Nanjing University of Aeronautics and Astronautics","ror":"https://ror.org/01scyh794","country_code":"CN","type":"education","lineage":["https://openalex.org/I9842412"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xinyi Huang","raw_affiliation_strings":["College of Computer Science and Technology, College of Software, Nanjing University of Aeronautics and Astronautics, Fuzhou, China","College of Cyber Security, Jinan University, Guangzhou, China"],"raw_orcid":"https://orcid.org/0000-0003-0070-1707","affiliations":[{"raw_affiliation_string":"College of Computer Science and Technology, College of Software, Nanjing University of Aeronautics and Astronautics, Fuzhou, China","institution_ids":["https://openalex.org/I9842412"]},{"raw_affiliation_string":"College of Cyber Security, Jinan University, Guangzhou, China","institution_ids":["https://openalex.org/I159948400"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5017362771"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.27494108,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"22","issue":"6","first_page":"7835","last_page":"7848"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.8536999821662903,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.8536999821662903,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T13295","display_name":"Safety Systems Engineering in Autonomy","score":0.8248999714851379,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.7300999760627747,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.7731257081031799},{"id":"https://openalex.org/keywords/intellectual-property","display_name":"Intellectual property","score":0.6498763561248779},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5804075598716736},{"id":"https://openalex.org/keywords/property","display_name":"Property (philosophy)","score":0.5611473917961121},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.460041344165802},{"id":"https://openalex.org/keywords/industrial-property","display_name":"Industrial property","score":0.4153895080089569},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.12889528274536133},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09354493021965027}],"concepts":[{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.7731257081031799},{"id":"https://openalex.org/C34974158","wikidata":"https://www.wikidata.org/wiki/Q131257","display_name":"Intellectual property","level":2,"score":0.6498763561248779},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5804075598716736},{"id":"https://openalex.org/C189950617","wikidata":"https://www.wikidata.org/wiki/Q937228","display_name":"Property (philosophy)","level":2,"score":0.5611473917961121},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.460041344165802},{"id":"https://openalex.org/C2778419888","wikidata":"https://www.wikidata.org/wiki/Q2750057","display_name":"Industrial property","level":3,"score":0.4153895080089569},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.12889528274536133},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09354493021965027},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2025.3600224","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3600224","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4117558629","display_name":null,"funder_award_id":"U21A20466","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5371332048","display_name":null,"funder_award_id":"62425205","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5669255772","display_name":null,"funder_award_id":"62032005","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7406850032","display_name":null,"funder_award_id":"62102089","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W2194321275","https://openalex.org/W2579318729","https://openalex.org/W2768064608","https://openalex.org/W2806082141","https://openalex.org/W2913435035","https://openalex.org/W2935349488","https://openalex.org/W2937447982","https://openalex.org/W2952608669","https://openalex.org/W2963303354","https://openalex.org/W2963446712","https://openalex.org/W2963809228","https://openalex.org/W2964137095","https://openalex.org/W2997717738","https://openalex.org/W3120396155","https://openalex.org/W3132481243","https://openalex.org/W3156011647","https://openalex.org/W3170720090","https://openalex.org/W3175133087","https://openalex.org/W3196175036","https://openalex.org/W3216556018","https://openalex.org/W4200633448","https://openalex.org/W4283803103","https://openalex.org/W4290878311","https://openalex.org/W4292993844","https://openalex.org/W4308643089","https://openalex.org/W4315929005","https://openalex.org/W4362714395","https://openalex.org/W4382317564","https://openalex.org/W4385382984","https://openalex.org/W4385567795","https://openalex.org/W4386072370","https://openalex.org/W4387967949","https://openalex.org/W4400694648","https://openalex.org/W4401568505","https://openalex.org/W4405440578","https://openalex.org/W4406921698"],"related_works":["https://openalex.org/W255582495","https://openalex.org/W244107939","https://openalex.org/W3005510920","https://openalex.org/W2810079522","https://openalex.org/W2362725074","https://openalex.org/W4239545765","https://openalex.org/W3208508403","https://openalex.org/W1991079443","https://openalex.org/W2119914337","https://openalex.org/W2052574908"],"abstract_inverted_index":{"While":[0],"machine":[1],"learning":[2],"as":[3,185],"a":[4,61,74,91,114,170,181,186],"service":[5],"(MLaaS)":[6],"enables":[7],"users":[8],"to":[9,33,46,102,130,173,209],"leverage":[10],"powerful":[11],"pre-trained":[12],"models":[13],"at":[14],"low":[15],"cost,":[16],"it":[17,81,89],"also":[18],"poses":[19],"significant":[20],"intellectual":[21],"property":[22],"risks":[23],"for":[24,235],"model":[25,66,93,105,117,176,224],"builders.":[26],"A":[27],"widely":[28],"adopted":[29],"defense":[30],"mechanism":[31,178],"is":[32],"embed":[34],"ownership":[35,50,101],"credentials":[36],"(e.g.,":[37],"watermarking":[38,128,203],"information)":[39],"into":[40,90],"the":[41,44,53,65,78,103,158,175,191],"model,":[42],"allowing":[43],"verifier":[45,75],"examine":[47],"them":[48],"during":[49,150],"verification.":[51],"Despite":[52],"effectiveness":[54],"of":[55,160,193],"such":[56],"watermark-based":[57],"schemes,":[58],"we":[59,168],"identify":[60,135],"critical":[62],"vulnerability,":[63],"termed":[64],"defamation":[67,225],"attack":[68],"(MDA).":[69],"If":[70],"an":[71],"adversary":[72],"compromises":[73],"and":[76,97,152,179,197,205,213],"obtains":[77],"submitted":[79,163],"credential,":[80],"can":[82,122],"reuse":[83,159],"this":[84,166],"stolen":[85],"information":[86,146],"by":[87,227],"embedding":[88],"malicious":[92],"<italic":[94],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[95],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">E</i>\u02c6":[96],"falsely":[98],"attribute":[99],"its":[100,211,233],"original":[104],"builder,":[106],"thereby":[107],"damaging":[108],"their":[109,132],"reputation.":[110],"This":[111],"paper":[112],"presents":[113],"generic":[115],"anti-MDA":[116,195],"certification":[118,177],"(GAMC)":[119],"framework":[120,196],"that":[121,219],"be":[123],"seamlessly":[124],"integrated":[125],"with":[126,229],"existing":[127],"schemes":[129,204],"enhance":[131],"robustness.":[133],"We":[134,188],"two":[136],"design":[137,180],"goals:":[138],"(1)":[139],"credential":[140,154],"confidentiality,":[141],"which":[142,156],"prevents":[143,157],"sensitive":[144],"watermark-related":[145],"from":[147],"being":[148],"leaked":[149],"verification;":[151],"(2)":[153],"non-reusability,":[155],"any":[161],"previously":[162],"credentials.":[164],"To":[165],"end,":[167],"employ":[169],"cryptographic":[171],"accumulator":[172],"construct":[174],"customized":[182],"\u03a3OR":[183],"protocol":[184],"complement.":[187],"formally":[189],"prove":[190],"security":[192],"our":[194],"conduct":[198],"extensive":[199],"experiments":[200],"across":[201],"various":[202],"neural":[206],"network":[207],"architectures":[208],"evaluate":[210],"compatibility":[212],"effectiveness.":[214],"The":[215],"experimental":[216],"results":[217],"show":[218],"GAMC":[220],"improves":[221],"robustness":[222],"against":[223],"attacks":[226],"86.67%":[228],"negligible":[230],"overhead,":[231],"demonstrating":[232],"practicality":[234],"real-world":[236],"deployment":[237]},"counts_by_year":[],"updated_date":"2025-11-14T23:14:49.485078","created_date":"2025-10-10T00:00:00"}