To address the coupled challenges of model ownership protection, data privacy preservation, and misuse prevention in large language model (LLM) deployment, this paper proposes TaylorMLP: a novel framework that publishes model weights as coefficients of a Taylor series expansion—replacing direct weight distribution with mathematical parameterization. Crucially, TaylorMLP leverages the number of retained series terms to jointly optimize controllable inference latency and resistance against reverse engineering. Extensive experiments across five benchmarks and three mainstream LLM architectures demonstrate that TaylorMLP preserves original generation quality exactly (zero degradation), achieves 100% failure rate in reconstructing original weights, and enables configurable, significant latency increases. To our knowledge, TaylorMLP is the first work to systematically exploit Taylor series expansion for secure model dissemination, establishing a new paradigm for LLM intellectual property protection and trustworthy deployment.

Ensuring the security of released large language models (LLMs) poses a significant dilemma, as existing mechanisms either compromise ownership rights or raise data privacy concerns. To address this dilemma, we introduce TaylorMLP to protect the ownership of released LLMs and prevent their abuse. Specifically, TaylorMLP preserves the ownership of LLMs by transforming the weights of LLMs into parameters of Taylor-series. Instead of releasing the original weights, developers can release the Taylor-series parameters with users, thereby ensuring the security of LLMs. Moreover, TaylorMLP can prevent abuse of LLMs by adjusting the generation speed. It can induce low-speed token generation for the protected LLMs by increasing the terms in the Taylor-series. This intentional delay helps LLM developers prevent potential large-scale unauthorized uses of their models. Empirical experiments across five datasets and three LLM architectures demonstrate that TaylorMLP induces over increase in latency, producing the tokens precisely matched with original LLMs. Subsequent defensive experiments further confirm that TaylorMLP effectively prevents users from reconstructing the weight values based on downstream datasets.