Do Not Merge My Model! Safeguarding Open-Source LLMs Against Unauthorized Model Merging
Qinfeng Li, Miao Pan, Jintao Chen, Fu Teng, Zhiqiang Shen, Ge Su, Hao Peng, Xuhong Zhang

TL;DR
This paper introduces MergeBarrier, a defense mechanism that proactively prevents unauthorized model merging in open-source LLMs by disrupting linear mode connectivity, effectively safeguarding models with minimal performance impact.
Contribution
The paper proposes MergeBarrier, a novel plug-and-play method that disrupts linear mode connectivity to prevent unauthorized model merging in open-source LLMs.
Findings
MergeBarrier effectively prevents model merging stealing.
It achieves high security with negligible accuracy loss.
Extensive experiments validate its effectiveness.
Abstract
Model merging has emerged as an efficient technique for expanding large language models (LLMs) by integrating specialized expert models. However, it also introduces a new threat: model merging stealing, where free-riders exploit models through unauthorized model merging. Unfortunately, existing defense mechanisms fail to provide effective protection. Specifically, we identify three critical protection properties that existing methods fail to simultaneously satisfy: (1) proactively preventing unauthorized merging; (2) ensuring compatibility with general open-source settings; (3) achieving high security with negligible performance loss. To address the above issues, we propose MergeBarrier, a plug-and-play defense that proactively prevents unauthorized merging. The core design of MergeBarrier is to disrupt the Linear Mode Connectivity (LMC) between the protected model and its homologous…
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Explainable Artificial Intelligence (XAI) · Topic Modeling
