LoREnc is introduced as a training-free framework to protect foundation models (FMs) and LoRA adapters from intellectual property leakage and model recovery attacks. It operates by suppressing dominant low-rank components in FM weights, compensating for this loss in authorized adapters, and applying orthogonal reparameterization to hide adapter fingerprints. Experiments show LoREnc effectively prevents model recovery with minimal computational overhead (under 1%), while authorized users maintain original performance.
Stop IP thieves cold: LoREnc lets you lock down your foundation models and LoRA adapters without retraining, crushing model recovery attacks while keeping performance intact for authorized users.
Foundation models and low-rank adapters enable efficient on-device generative AI but raise risks such as intellectual property leakage and model recovery attacks. Existing defenses are often impractical because they require retraining or access to the original dataset. We propose LoREnc, a training-free framework that secures both FMs and adapters via spectral truncation and compensation. LoREnc suppresses dominant low-rank components of FM weights, compensates for the missing information in authorized adapters, and further applies orthogonal reparameterization to obscure structural fingerprints of the protected adapter. Unauthorized users produce structurally collapsed outputs, while authorized users recover exact performance. Experiments demonstrate that LoREnc provides strong protection against model recovery with under 1% computational overhead.
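A small numeric sketch of the truncate, compensate, and reparameterize idea the abstract describes, added here as an example and not taken from the LoREnc paper or its code. The concrete construction (removing only the top singular component found by power iteration, folding it into a rank-1 adapter, and mixing the factors with a 2x2 rotation) and all matrices are assumptions.

```python
import math

def matmul(X, Y):
    return [[sum(a * b for a, b in zip(row, col)) for col in zip(*Y)] for row in X]

def add(X, Y, sign=1.0):
    """Elementwise X + sign * Y."""
    return [[a + sign * b for a, b in zip(r, s)] for r, s in zip(X, Y)]

def T(X):
    return [list(c) for c in zip(*X)]

def fro(X):
    return math.sqrt(sum(a * a for r in X for a in r))

def top_singular(W, iters=50):
    """Power iteration on W^T W: (sigma, u, v) of the dominant component."""
    v = [[1.0] for _ in W[0]]
    for _ in range(iters):
        v = matmul(T(W), matmul(W, v))
        n = fro(v)
        v = [[x[0] / n] for x in v]
    u = matmul(W, v)
    sigma = fro(u)
    return sigma, [[x[0] / sigma] for x in u], v

def protect(W, B, A, theta=0.7):
    """Assumed scheme: returns (W_pub, B_prot, A_prot) for a rank-1 adapter B @ A."""
    sigma, u, v = top_singular(W)
    W_pub = add(W, matmul(u, T(v)), sign=-sigma)         # truncated weights to ship
    B2 = [rb + [sigma * ru[0]] for rb, ru in zip(B, u)]  # B2 = [B | sigma*u]
    A2 = A + T(v)                                        # A2 = [A ; v^T]
    c, s = math.cos(theta), math.sin(theta)
    Q = [[c, -s], [s, c]]                                # orthogonal, so Q Q^T = I
    return W_pub, matmul(B2, Q), matmul(T(Q), A2)        # factors are mixed by Q

# Constructed 4x4 weight with one dominant direction and a constructed adapter.
W = [[float(i + 1) + (0.1 if i == j else 0.0) for j in range(4)] for i in range(4)]
B = [[0.5], [-0.2], [0.1], [0.3]]
A = [[0.2, -0.1, 0.4, 0.3]]
W_pub, Bp, Ap = protect(W, B, A)

def authorized_error():
    """Distance between W_pub + Bp Ap and the original W + B A."""
    return fro(add(add(W_pub, matmul(Bp, Ap)), add(W, matmul(B, A)), -1.0))

def unauthorized_error():
    """Relative distance between the shipped W_pub and the original W."""
    return fro(add(W_pub, W, -1.0)) / fro(W)

if __name__ == "__main__":
    print(authorized_error(), unauthorized_error())
```

Because the rotation cancels in the product, the authorized sum matches the original weights up to floating-point error, while the shipped weights alone lose almost all of their energy.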