RobQuNNs: A Methodology for Robust Quanvolutional Neural Networks against Adversarial Attacks

Maouaki, Walid El; Marchisio, Alberto; Said, Taoufik; Shafique, Muhammad; Bennai, Mohamed

量子物理

arXiv:2407.03875 (quant-ph)

[提交于 2024年7月4日 ]

标题： RobQuNNs：一种针对对抗攻击的鲁棒量化卷积神经网络方法

标题： RobQuNNs: A Methodology for Robust Quanvolutional Neural Networks against Adversarial Attacks

Authors:Walid El Maouaki, Alberto Marchisio, Taoufik Said, Muhammad Shafique, Mohamed Bennai

摘要：最近量子计算的进展导致了混合量子神经网络的出现，例如量子卷积神经网络（QuNNs），它们集成了量子和经典层。尽管经典神经网络容易受到对抗攻击已广为人知，但对QuNNs的影响仍不太清楚。本研究引入了RobQuNN，一种新的方法来增强QuNNs对抗对抗攻击的鲁棒性，利用量子电路可表达性和纠缠能力以及不同的对抗策略。此外，该研究使用RobQuNN调查了对抗样本在经典和量子模型之间的可迁移性，增强了我们对跨模型漏洞的理解，并指出了量子网络安全的新方向。研究结果表明，对于MNIST数据集，QuNNs的鲁棒性比经典网络高出高达60%，尤其是在扰动水平较低时。这突显了量子方法在提高安全防御方面的潜力。此外，RobQuNN表明，无论量子电路架构如何，QuNN都不会表现出对跨模型对抗样本的增强抵抗力或易感性。

摘要： Recent advancements in quantum computing have led to the emergence of hybrid quantum neural networks, such as Quanvolutional Neural Networks (QuNNs), which integrate quantum and classical layers. While the susceptibility of classical neural networks to adversarial attacks is well-documented, the impact on QuNNs remains less understood. This study introduces RobQuNN, a new methodology to enhance the robustness of QuNNs against adversarial attacks, utilizing quantum circuit expressibility and entanglement capability alongside different adversarial strategies. Additionally, the study investigates the transferability of adversarial examples between classical and quantum models using RobQuNN, enhancing our understanding of cross-model vulnerabilities and pointing to new directions in quantum cybersecurity. The findings reveal that QuNNs exhibit up to 60\% higher robustness compared to classical networks for the MNIST dataset, particularly at low levels of perturbation. This underscores the potential of quantum approaches in improving security defenses. In addition, RobQuNN revealed that QuNN does not exhibit enhanced resistance or susceptibility to cross-model adversarial examples regardless of the quantum circuit architecture.

评论：	6页，3图
主题：	量子物理 (quant-ph)
引用方式：	arXiv:2407.03875 [quant-ph]
	(或者 arXiv:2407.03875v1 [quant-ph] 对于此版本)
	https://doi.org/10.48550/arXiv.2407.03875
期刊参考：	2024 IEEE International Conference on Image Processing (ICIP)

提交历史

来自： Walid El Maouaki [查看电子邮件]
[v1] 星期四， 2024 年 7 月 4 日 12:13:52 UTC (245 KB)

量子物理

标题： RobQuNNs：一种针对对抗攻击的鲁棒量化卷积神经网络方法

标题： RobQuNNs: A Methodology for Robust Quanvolutional Neural Networks against Adversarial Attacks

提交历史

获取论文：

参考文献与引用

收藏

文献和引用工具

与本文相关的代码，数据和媒体

演示

推荐器和搜索工具

arXivLabs：与社区合作伙伴的实验项目

量子物理

标题： RobQuNNs：一种针对对抗攻击的鲁棒量化卷积神经网络方法 显示英文标题

标题： RobQuNNs: A Methodology for Robust Quanvolutional Neural Networks against Adversarial Attacks

提交历史

获取论文：

参考文献与引用

BibTeX 格式的引用

收藏

文献和引用工具

与本文相关的代码，数据和媒体

演示

推荐器和搜索工具

arXivLabs：与社区合作伙伴的实验项目

标题： RobQuNNs：一种针对对抗攻击的鲁棒量化卷积神经网络方法