Probe-Me-Not: Protecting Pre-trained Encoders from Malicious Probing
Ruyi Ding
Network and Distributed System Security (NDSS) Symposium 2025 · Day 2 · ML Security
In the rapidly evolving landscape of machine learning, the paradigm of **transfer learning** has become a cornerstone, enabling the development of highly accurate models with significantly reduced data and computational resources. This talk, "Probe-Me-Not: Protecting Pre-trained Encoders from Malicious Probing," delivered by Ruyi Ding from Northeastern University, addresses a critical intellectual property (IP) and security threat inherent in the widespread use of pre-trained models, particularly those offered as API services. The core problem is preventing the misuse of these powerful pre-trained encoders for "prohibited" or "harmful" tasks while keeping them fully effective for their intended, "authorized" applications.
AI review
Legitimate academic ML security research with a coherent threat model and a technically sound framework. The problem — preventing malicious reuse of pre-trained encoders via linear probing — is real and undersolved. But this is a venue paper presentation, not a practitioner security talk, and the gap between academic elegance and deployment reality is never closed.