Do Not Merge My Model! Safeguarding Open-Source LLMs Against Unauthorized Model Merging
This addresses a security threat for open-source LLM developers by providing a proactive defense against model merging stealing, though it is incremental as it builds on existing model merging techniques.
The paper tackles the problem of unauthorized model merging in open-source large language models (LLMs), proposing MergeBarrier to disrupt Linear Mode Connectivity and prevent such merging with negligible accuracy loss.
Model merging has emerged as an efficient technique for expanding large language models (LLMs) by integrating specialized expert models. However, it also introduces a new threat: model merging stealing, where free-riders exploit models through unauthorized model merging. Unfortunately, existing defense mechanisms fail to provide effective protection. Specifically, we identify three critical protection properties that existing methods fail to simultaneously satisfy: (1) proactively preventing unauthorized merging; (2) ensuring compatibility with general open-source settings; (3) achieving high security with negligible performance loss. To address the above issues, we propose MergeBarrier, a plug-and-play defense that proactively prevents unauthorized merging. The core design of MergeBarrier is to disrupt the Linear Mode Connectivity (LMC) between the protected model and its homologous counterparts, thereby eliminating the low-loss path required for effective model merging. Extensive experiments show that MergeBarrier effectively prevents model merging stealing with negligible accuracy loss.