{"id":"https://openalex.org/W7102415000","doi":"https://doi.org/10.48550/arxiv.2510.23938","title":"Scalable GPU-Based Integrity Verification for Large Machine Learning Models","display_name":"Scalable GPU-Based Integrity Verification for Large Machine Learning Models","publication_year":2025,"publication_date":"2025-10-27","ids":{"openalex":"https://openalex.org/W7102415000","doi":"https://doi.org/10.48550/arxiv.2510.23938"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2510.23938","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2510.23938","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2510.23938","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Spoczynski, Marcin","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Spoczynski, Marcin","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":null,"display_name":"Melara, Marcela S.","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Melara, Marcela S.","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":true,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9122999906539917,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9122999906539917,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.016499999910593033,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10054","display_name":"Parallel Computing and Optimization Techniques","score":0.00860000029206276,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.67330002784729},{"id":"https://openalex.org/keywords/trusted-computing","display_name":"Trusted Computing","score":0.396699994802475},{"id":"https://openalex.org/keywords/cuda","display_name":"CUDA","score":0.376800000667572},{"id":"https://openalex.org/keywords/formal-verification","display_name":"Formal verification","score":0.3756999969482422},{"id":"https://openalex.org/keywords/data-integrity","display_name":"Data integrity","score":0.34130001068115234},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.33739998936653137},{"id":"https://openalex.org/keywords/execution-model","display_name":"Execution model","score":0.3125}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8745999932289124},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.67330002784729},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4253999888896942},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.41990000009536743},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.396699994802475},{"id":"https://openalex.org/C2778119891","wikidata":"https://www.wikidata.org/wiki/Q477690","display_name":"CUDA","level":2,"score":0.376800000667572},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.3756999969482422},{"id":"https://openalex.org/C33762810","wikidata":"https://www.wikidata.org/wiki/Q461671","display_name":"Data integrity","level":2,"score":0.34130001068115234},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.33739998936653137},{"id":"https://openalex.org/C2776834041","wikidata":"https://www.wikidata.org/wiki/Q25346349","display_name":"Execution model","level":2,"score":0.3125},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.2930999994277954},{"id":"https://openalex.org/C50630238","wikidata":"https://www.wikidata.org/wiki/Q971505","display_name":"General-purpose computing on graphics processing units","level":3,"score":0.2793999910354614},{"id":"https://openalex.org/C49154492","wikidata":"https://www.wikidata.org/wiki/Q5300","display_name":"Central processing unit","level":2,"score":0.2784000039100647},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.2694000005722046},{"id":"https://openalex.org/C202973057","wikidata":"https://www.wikidata.org/wiki/Q7380130","display_name":"Runtime verification","level":3,"score":0.26739999651908875},{"id":"https://openalex.org/C118524514","wikidata":"https://www.wikidata.org/wiki/Q173212","display_name":"Computer architecture","level":1,"score":0.26510000228881836},{"id":"https://openalex.org/C173608175","wikidata":"https://www.wikidata.org/wiki/Q232661","display_name":"Parallel computing","level":1,"score":0.2639999985694885},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.2623000144958496}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2510.23938","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2510.23938","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2510.23938","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2510.23938","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6500021815299988,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"We":[0],"present":[1],"a":[2,142,174],"security":[3,54],"framework":[4,140],"that":[5,97,121,147,177],"strengthens":[6],"distributed":[7],"machine":[8],"learning":[9],"by":[10],"standardizing":[11],"integrity":[12,27,126,144],"protections":[13],"across":[14,150],"CPU":[15,186],"and":[16,19,52,67,117,154,169,187],"GPU":[17,36,152,170,188],"platforms":[18],"significantly":[20],"reducing":[21],"verification":[22,28,102,145],"overheads.":[23],"Our":[24],"approach":[25,110],"co-locates":[26],"directly":[29],"with":[30,106,130],"large":[31,44,107],"ML":[32,45,123],"model":[33,131],"execution":[34,132,167],"on":[35,50,76],"accelerators,":[37,171],"resolving":[38],"the":[39,93,112],"fundamental":[40],"mismatch":[41],"between":[42,165],"how":[43,53],"workloads":[46,124],"typically":[47],"run":[48],"(primarily":[49],"GPUs)":[51],"verifications":[55],"traditionally":[56],"operate":[57],"(on":[58],"separate":[59],"CPU-based":[60,101],"processes),":[61],"delivering":[62],"both":[63],"immediate":[64],"performance":[65],"benefits":[66],"long-term":[68],"architectural":[69,95],"consistency.":[70],"By":[71,157],"performing":[72],"cryptographic":[73],"operations":[74],"natively":[75],"GPUs":[77],"using":[78],"dedicated":[79],"compute":[80],"units":[81],"(e.g.,":[82],"Intel":[83],"Arc's":[84],"XMX":[85],"units,":[86],"NVIDIA's":[87],"Tensor":[88],"Cores),":[89],"our":[90],"solution":[91],"eliminates":[92],"potential":[94],"bottlenecks":[96],"could":[98],"plague":[99],"traditional":[100],"systems":[103],"when":[104],"dealing":[105],"models.":[108],"This":[109,139],"leverages":[111],"same":[113],"GPU-based":[114],"high-memory":[115],"bandwidth":[116],"parallel":[118],"processing":[119],"primitives":[120],"power":[122],"ensuring":[125],"checks":[127],"keep":[128],"pace":[129],"even":[133],"for":[134,161],"massive":[135],"models":[136],"exceeding":[137],"100GB.":[138],"establishes":[141],"common":[143],"mechanism":[146],"works":[148],"consistently":[149],"different":[151],"vendors":[153],"hardware":[155],"configurations.":[156],"anticipating":[158],"future":[159],"capabilities":[160],"creating":[162],"secure":[163],"channels":[164],"trusted":[166],"environments":[168],"we":[172],"provide":[173],"hardware-agnostic":[175],"foundation":[176],"enterprise":[178],"teams":[179],"can":[180],"deploy":[181],"regardless":[182],"of":[183],"their":[184],"underlying":[185],"infrastructures.":[189]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-30T00:00:00"}