LicenseNet: Proactively safeguarding intellectual property of AI models through model license

With the widespread adoption of AI models in edge computing systems, these high-value models face significant risks of theft, misuse, and tampering due to the lower security and reliability of edge devices compared to the cloud. The leakage of models can result in substantial financial losses and security threats, making the protection of intellectual property (IP) crucial. Existing watermark-based IP verification techniques fail to proactively prevent infringement, while other active IP protection solutions often suffer from high overhead, low performance, and inadequate security. This paper proposes LicenseNet, an AI model IP protection framework based on licenses, which enables authorized access to models by embedding license features within them. We design a gradient optimization-based method for synchronizing license training with model parameters and introduce a random perturbation-based data standardization technique. This allows the trained model to generate correct inferences for license data while producing confusing results for original data, thus enhancing the security of the model on edge devices. Additionally, to enhance the model's resistance against fine-tuning attacks, a supervised discrimination mechanism is incorporated. Experimental results demonstrate that LicenseNet achieves higher security, reduced performance loss, and an improvement in resistance to fine-tuning attacks by at least 29.03% compared to existing methods in edge computing environments.