Cryptographic Fingerprinting for Medical AI: A Proof-of-Concept Approach to Protecting Healthcare ML Models from API Extraction
Abstract
Medical AI models represent valuable intellectual property that increasingly faces threats from API-based model extraction attacks. We introduce a novel cryptographic fingerprinting approach designed specifically for healthcare machine learning models that embeds detectable watermarks while preserving clinical accuracy. Our method modifies uncertainty quantification patterns in neural network outputs to create cryptographically secure fingerprints without affecting medical predictions. Through rigorous experiments on ECG pattern classification using a dataset of 1,200 synthetic cardiac signals across 4 conditions, we demonstrate perfect accuracy preservation (99.33% maintained) while enabling statistical detection of model theft. Our proof-of-concept shows that sophisticated attackers achieving 98.33% extraction accuracy with 1,500 API queries produce 99% victim-surrogate agreement, providing statistical evidence of intellectual property theft. The approach introduces modest computational overhead (+12.92%), which remains practical for high-value medical AI deployment. This work establishes the first framework for protecting medical AI intellectual property through post-training fingerprinting and provides a foundation for future research in healthcare AI security.