SciPy 2025

Mihai Maruseac

Supply chain security @ Google OSS Security Team

Mihai Maruseac is a member of the Google Open Source Security Team (GOSST), working on Supply Chain Security, mainly on GUAC. Before joining GOSST, Mihai created the TensorFlow Security team after joining Google, moving from a startup to incorporate Differential Privacy (DP) within Machine Learning (ML) algorithms. Mihai has a PhD in Differential Privacy from UMass Boston.


Sessions

07-11
13:55
30min
From Model to Trust: Building upon tamper-proof ML metadata records
Mihai Maruseac

The increasing prevalence of AI models necessitates robust mechanisms to ensure their trustworthiness. This talk introduces a standardized, PKI-agnostic approach to verifying the origins and integrity of machine learning models, as built by the OpenSSF Model Signing project. We extend this methodology beyond models to encompass datasets and other associated files, offering a holistic solution for maintaining data provenance and integrity.

Machine Learning, Data Science, and Explainable AI
Room 315
0min
Taming the Wild West of ML: Practical Model Signing with Sigstore on Kaggle
Mihai Maruseac

The machine learning landscape is evolving at a breakneck pace, and with innovation come new and insidious security threats. While LLMs unlock exciting new possibilities, they also open doors for model poisoning and supply chain vulnerabilities. In this talk, we'll pull back the curtain on our journey to fortify the ML ecosystem against these risks. We'll share how we developed and implemented a scalable solution for signing models with Sigstore, integrated it with the Kaggle model repository, and the transformative impact it has had on Kaggle's community.

Machine Learning, Data Science, and Explainable AI