Mihai Maruseac
Supply chain security @ Google OSS Security Team
Mihai Maruseac is a member of Google Open Source Security team (GOSST), working on Supply Chain Security, mainly on GUAC. Before joining GOSST, Mihai created the TensorFlow Security team after joining Google, moving from a startup to incorporate Differential Privacy (DP) withing Machine Learning (ML) algorithms. Mihai has a PhD in Differential Privacy from UMass Boston.
Sessions
The increasing prevalence of AI models necessitates robust mechanisms to ensure their trustworthiness. This talk introduces a standardized, PKI-agnostic approach to verifying the origins and integrity of machine learning models, as built by the OpenSSF Model Signing project. We extend this methodology beyond models to encompass datasets and other associated files, offering a holistic solution for maintaining data provenance and integrity.
The machine learning landscape is evolving at a breakneck pace, and with innovation comes new and insidious security threats. While LLMs unlock exciting new possibilities, they also open doors for model poisoning, and supply chain vulnerabilities. In this talk, we'll pull back the curtain on our journey to fortify the ML ecosystem against these risks. We'll share how we developed and implemented a scalable solution for signing models with Sigstore, integrate it with the Kaggle model repository, and the transformative impact it's had on Kaggle's community.